We believe that both commercial and free or open source software are necessary for a solid corporate strategy. Furthermore, security software should be subject to peer review, and the only way to reach a wider audience is to make it freely available. We have developed the following commercial products and open source projects:

Commercial

We are prearing the launch of different commercial security solutions in 2012, for Linux and Windows systems.

Open Source

KERNHEAP (2009-2010)

KERNHEAP was a project to implement pragmatic and effective protections for the Linux kernel dynamic memory allocators. The project is no longer maintained nor freely available as of 2011. The initial implementation was the first specialized set of protections succeeding in deterring both known and unknown attacks against the Linux kernel, whenever a vulnerability or zeroday involved a dynamic memory allocator interface, such as the SLAB layer.

US National Security Agency SELinux (2005-2007)

We've been involved in the development of new features for the NSA sponsored Security-Enhanced Linux project. SELinux is the keystone to the security architecture of Red Hat's product line, and other security vendors offering Linux based security solutions to the public sector. Among other things, we created the fine-grained executable memory permissions used to segregate segments of memory and establish strict guidelines to restrict changes in their permission sets at page level, complicating the successful exploitation of memory corruption vulnerabilities, when used altogether with NX capable hardware and a memory protection patch such as PaX or ExecShield (included in Linux).