Grsecurity® is an extensive security enhancement to the Linux kernel that defends against a wide range of security threats through intelligent access control, memory corruption-based exploit prevention, and a host of other system hardening that generally require no configuration. It has been actively developed and maintained for the past 13 years. Commercial support for Grsecurity is available through Open Source Security Inc.
Grsecurity has protection against zero-day and other advanced threats that gives administrators valuable time while vulnerability fixes make their way out to distributions and production testing.
Unlike LSMs, Grsecurity tackles a wider scope of security problems. While access control has its place, it is incapable of dealing with many real-life security issues, especially in webhosting environments where an attacker can fraudulently purchase local access to the system.
Grsecurity confines its changes to the Linux kernel itself, making it possible to use with any distribution or device embedded, server, or desktop. Grsecurity is also available on multiple platforms, such as x86, ARM, and MIPS.