diff --git a/Hardening.md b/Hardening.md
index a3da81b..fe59332 100644
--- a/Hardening.md
+++ b/Hardening.md
@@ -28,13 +28,14 @@ If the hardware running HalogenOS is properly manufactured and configured, it sh
 
 - Checks & reports on hardware/firmware security
 - Unified Kernel Image boot
-- Secure Boot with locally generated keys
+- Secure Boot with encrypted, locally generated keys
 - dm-verity enabled for system partition
 - squashfs based system images
 - LUKS encryption enabled for user partition
 - TPM2 based automatic unlocking
 - Automatic repair in case of tampering
 - User alerted if hardware security baseline changes
+- Kernel-based file integrity for volatile files
 
 ## Configuration
 
@@ -46,6 +47,7 @@ Various controls on the kernel's networking stack, filesystem stack, and on some
 - `noexec` set for `/tmp`
 - Root logon disabled
 - No superuser access on production builds
+- System files on non-system partitions only accessible by root
 - sshd disabled
 
 ## Updates