Regular code reviews like what the OpenBSD folks do. Also, they appear to be back on OpenSSL again[0], and not using LibreSSL like the list claims. If they can't even accurately reflect which SSL library they are using, what else on the list is incorrect?

0. https://hardenedbsd.org/article/shawn-webb/2018-04-30/harden...

HardenedBSD still uses LibreSSL in base. The switch back to OpenSSL will be on 01 July 2018, as mentioned in the article you linked to.

Regular code reviews are a process, not a feature and switching back to OpenSSL is a future change.

Any actual features that support your cynicism?