Do you use Linux-Hardened kernel and/or Firejail?

Just curious how many folks take additional security measures on their AL boxes. I’m planning an install for a new system build and am wanting to do a bit more than my usual setup regarding security.
Seems like Linux-hardened kernel, apparmour, and firejail are the big three to investigate ?

Nothing particulary sensitive on the system, but I’d like to set it up with current best-practices since it will likely be running & online for a long time.

Any advice offered ?

Hi Flomax,
on my side i use Lynis and follow his recommandation.
I have so the firewall gufw Gufw