[ENOTTY]

SELinunx and SE for Android are two examples of NSA doing defensive work recently. Also NSA's Information Assurance Directorate puts out guidance[1]. But as to the level of investment in offense versus defense, you'll have to draw your own conclusions.

[1] https://github.com/iadgov

[simoncion]

SELinux made its public debut seventeen years ago, so it's not the best example of "recent" defensive work done by the NSA. ;)

To speak about SE for Android: I'm not sure how much weight I would lend to a few NSA employees helping Google/AOSP create SELinux profiles for Android. (It is recent work, though!)

I'm fairly certain that I would lend a lot of weight to public efforts to harden systems against the kinds of attacks that their TAO division launches.