Status: IN
RHEL 9 defense-in-depth extends from hardware-level security mitigations (SMT disable for L1TF/MDS, BPF JIT hardening, unprivileged BPF restrictions, MMIO buffer clearing) through software security controls (SELinux enforcing, firewalld active, system-wide crypto policies, granular audit logging), providing security assurance at every layer of the stack.