snowy mountains

Grsecurity Leads in Spectre Defense

Unlike the manual, ad-hoc approach to finding and fixing Spectre v1 vulnerabilities employed elsewhere, our much higher coverage Respectre™ compiler plugin discovers and automatically instruments the code with high-performance fixes.

Read more
snowy mountains

Grsecurity Adds Confidence to Containers

No security strategy for today's container-based deployments is complete without grsecurity®. Our unmatched defenses add critical hardening to the Linux kernel, a ripe source of vulnerabilities and involved in most container escapes.

Read more
snowy mountains

Grsecurity Ends Code Reuse Attacks

RAP® is our patented and best-of-breed Control Flow Integrity (CFI) defense against code reuse attacks like ROP. Its performance, security guarantees, and ability to scale to complex C/C++ codebases of arbitrary size are unmatched.

Read more


Draper strongly recommends grsecurity to all of our Department of Defense (DoD) customers so they have the latest and state-of-the-art in vulnerability prevention and exploit defense.

Few, if any, people can lay claim to a bigger impact on modern exploit mitigation than the PaX and grsecurity teams. Their work has shaped how security works today, and they continue to remain at the forefront. Grsecurity is built and trusted by experts.

When building systems that hold sensitive customer data, no other platform is as trusted by professional security engineers, like those at Immunity, than grsecurity. We have 15 years of experience breaking systems, and grsecurity has 15 years of experience protecting them from people like us.

A lot of work has been done in the past 17 years on exploit mitigations - some practical, and some effective. Very few mechanisms were both practical and effective. The grsecurity and PaX team have been behind almost all of them.

The people behind grsecurity/PaX are pioneers in computer security. Your Linux servers are in good hands with them.

During the Bugtraq "golden era" I witnessed first-hand the direct effect of the pioneering research by the grsecurity and PaX team on real world vulnerability exploit feasibility. What was once possible with a simple stack overflow now requires a complex multiple-vulnerability bug chain.

You can thank Grsecurity/PaX for many of the memory safety mitigations the world relies on today. These projects redefined software security.

PaX and grsecurity are world class innovators in software security. They have played a pivotal role in creating multiple exploit mitigation technologies that are now considered industry standard.

grsecurity and PaX have driven the state of the art in effective and realistic exploit mitigations for the past 17+ years. They've defined what are now considered industry standards and are still ahead of what's coming in the future elsewhere.


Grsecurity provides a full suite of synergistic defenses, from security-enhanced compilation and our world-class memory corruption defenses to access control.

Learn More

Latest News