Why would anyone want to run unmainlined security patches from a company?

This is how CrowdStrike happened.

This feels like security via business decision which is always the opposite of security. At least this would be open source now? 🤷‍♂️

This is very good news, the closing of grsec has been a huge loss for Linux hardening.