The FreeBSD security model has been developed over thirty years of evolving consumer needs. Many of the key developments have come from the contributions of an active security research community. This talk describes the underlying model and its practical implementation, from its origins in the UNIX process model and file permissions, to more recent additions: the Capsicum capability model, lightweight Jail virtualization, Mandatory Access Control, and security event auditing. These elements combine to meet the requirements of diverse systems ranging across hand-held computing devices, network devices, storage appliances, and Internet service-provider's large-scale hosting environments.