diff --git a/defaults/main.yml b/defaults/main.yml
index f839a05..d2507a0 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -6,6 +6,7 @@ kernel_disable_modules:
   - sctp
   - tipc
   - rds
+  - bluetooth
 
 kernel_blacklist_modules: []
 
diff --git a/templates/etc/sysctl.d/dump.conf.j2 b/templates/etc/sysctl.d/dump.conf.j2
index bdf623b..155b772 100644
--- a/templates/etc/sysctl.d/dump.conf.j2
+++ b/templates/etc/sysctl.d/dump.conf.j2
@@ -2,5 +2,8 @@
 # Controls whether core dumps will append the PID to the core filename
 kernel.core_uses_pid = 1
 
+# Disable storing core dumps
+kernel.core_pattern = |/bin/false
+
 # Disable core dumps for setuid programs
 fs.suid_dumpable = 0
diff --git a/templates/etc/sysctl.d/local.conf.j2 b/templates/etc/sysctl.d/local.conf.j2
index f0a17cd..99bb6b1 100644
--- a/templates/etc/sysctl.d/local.conf.j2
+++ b/templates/etc/sysctl.d/local.conf.j2
@@ -7,21 +7,9 @@ kernel.randomize_va_space = 2
 
 # Controls the System Request debugging functionality of the kernel
 kernel.sysrq = 0
 
-# Restrict unprivileged access to kernel syslog
-kernel.dmesg_restrict = 1
-
-# Restrict kernel address exposing
-kernel.kptr_restrict = 2
-
-# Limit scope for ptrace
-kernel.yama.ptrace_scope = 2
-
 # Command is trapped and sent to the init program to handle a graceful restart
 kernel.ctrl-alt-del = 0
 
-# Disable access to performance events by users without CAP_SYS_ADMIN
-kernel.perf_event_paranoid = 3
-
 # Prevents unprivileged users from being able to use eBPF
 kernel.unprivileged_bpf_disabled = 1
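Review bot: The new `bluetooth` entry in `kernel_disable_modules` has no comment saying what it takes with it: blocking the `bluetooth` core module also prevents every driver that depends on it (btusb, rfcomm and the rest of the stack) from loading, so hosts that genuinely need Bluetooth must override the whole list. Whether a module that is already loaded when the role runs is also unloaded depends on the role's tasks, which are not in this diff; if they only write the modprobe blocker, the change is effective only from the next boot and that is worth stating. A one-line comment next to the entry would do, e.g. `  - bluetooth  # disables the whole BT stack (btusb, rfcomm, ...); override on hosts that need it`.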
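Review bot: `kernel.core_pattern = |/bin/false` in dump.conf.j2 does not stop the kernel from dumping, as the comment "Disable storing core dumps" suggests: a pipe pattern makes the kernel spawn `/bin/false` as root on every process crash and write the core into that pipe, where it is discarded, so the controls that actually suppress dump generation remain `fs.suid_dumpable = 0` (already here) and a hard `core 0` resource limit for the non-setuid case. In the same file `kernel.core_uses_pid = 1` two lines above becomes meaningless once the pattern is a pipe, so either drop it or note that it is ignored. Whether this value takes effect at all depends on the rendered file name, since sysctl.d files are applied in lexical order across /usr/lib and /etc and distributions that ship systemd's `50-coredump.conf` (or apport's handler) set `kernel.core_pattern` too; the later-sorting file wins. I would replace the comment with `# Pipe pattern: each crash spawns /bin/false as root and the core is discarded; only overrides systemd-coredump/apport if this file sorts after their sysctl.d entry`.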
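Review bot: Removing `kernel.dmesg_restrict`, `kernel.kptr_restrict`, `kernel.yama.ptrace_scope` and `kernel.perf_event_paranoid` from local.conf.j2 drops four hardening controls (kernel log and address exposure, cross-process ptrace, unprivileged perf events) and nothing in this diff moves them elsewhere. If they were relocated to another template or made configurable, the commit should say where; if they were dropped because a value broke a workload, the usual compromise is to relax rather than delete, e.g. `kernel.yama.ptrace_scope = 1` (debuggers still attach to their own descendants) and `kernel.perf_event_paranoid = 2`. Note also that deleting lines from a sysctl.d file does not revert the running kernel, so the weakened state only appears after the next reboot, where it is unlikely to be noticed.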