HardenedBSD, which is based on FreeBSD, officially launched in August 2014. The HardenedBSD developers have been working hard to write expert security and exploit mitigation features. This presentation dives into each feature, showing how each is designed and written. We will dive into ASLR; mprotect restrictions; [lin]procfs restrictions; a new feature we call Integriforce, which is inspired by NetBSD’s Veriexec; and other exploit mitigation features.