Adding security.php to /inc folder with some basic security stuff. For example: Removing „Generator“ info from markup and other WP specific markup which is used by hackers to identify weak WP installs