[pclmulqdq]

My tiny company is starting on this philosophy. The core device and our real IP is closed-source, but all the other components around it are open. Going forward, the same sort of thing will apply - almost everything open, except the bits that are actually hard to replicate.

Since the market is security, it makes a lot of sense to open-source as much as possible without compromising our market positioning.

I believe several other security-related companies (Tailscale comes to mind) also adopt this philosophy.