diff --git a/config/common/common-packages.yml b/config/common/common-packages.yml
index 0d98c33..7f2498c 100644
--- a/config/common/common-packages.yml
+++ b/config/common/common-packages.yml
@@ -5,7 +5,6 @@ install:
   - lm_sensors
   - lynis
   - hardened_malloc
-  - chkrootkit
   - usbguard
   - usbguard-dbus
 
diff --git a/config/files/usr/etc/chromium/policies/managed/hardening.json b/config/files/usr/etc/chromium/policies/managed/hardening.json
index 08eff5a..6863971 100644
--- a/config/files/usr/etc/chromium/policies/managed/hardening.json
+++ b/config/files/usr/etc/chromium/policies/managed/hardening.json
@@ -40,5 +40,8 @@
 	"CloudPrintSubmitEnabled": false,
 	"AutofillAddressEnabled": false,
 	"AutofillCreditCardEnabled": false,
-	"ImportSavedPasswords": false
+	"ImportSavedPasswords": false,
+	"DefaultWebUsbGuardSetting": 2,
+	"DefaultWebBluetoothGuardSetting": 2,
+	"DefaultSerialGuardSetting": 2
 }
\ No newline at end of file
diff --git a/config/files/usr/etc/chromium/policies/managed/hardening.json.readme.md b/config/files/usr/etc/chromium/policies/managed/hardening.json.readme.md
index ed0192e..cc82774 100644
--- a/config/files/usr/etc/chromium/policies/managed/hardening.json.readme.md
+++ b/config/files/usr/etc/chromium/policies/managed/hardening.json.readme.md
@@ -166,4 +166,16 @@
 
 **Do not import saved passwords on first run**
 
-`"ImportSavedPasswords": false`
\ No newline at end of file
+`"ImportSavedPasswords": false`
+
+**Disable WebUSB by default**
+
+`"DefaultWebUsbGuardSetting": 2`
+
+**Disable WebBluetooth by default**
+
+`"DefaultWebBluetoothGuardSetting": 2`
+
+**Disable serial port access by default**
+
+`"DefaultSerialGuardSetting": 2`
\ No newline at end of file