Explore system application security and reduce exploitation risks through application-specific hardening techniques in this 43-minute conference talk. Delve into the challenges of securing IoT systems and learn preventive measures to enhance security. Discover how to apply exploit mitigations and measures to improve system security, even when dealing with potentially vulnerable applications. Examine the use of discretionary and mandatory access control, as well as systemd configurations, to evaluate and tailor services like connman and blueZ in an APERTIS-based IoT image. Gain insights into service isolation and enhanced exploit mitigation using Linux kernel features. Cover topics such as secure system architecture, security-by-design components, Linux security features, and hands-on application hardening techniques for Connman and Bluetooth tethering.