In the past decade, security has become one of the 3 key areas in compiler design and implementation, next to correctly translating to assembly and optimization. In comparison to general correctness and optimization, we're lacking tools to test correct code generation of security hardening features. This presentation shows the results of an experiment to build a prototype binary static analyzer for 2 security hardening features (pac-ret, stack clash) using BOLT. The results are promising and I propose to integrate this into the upstream BOLT project to enable us to implement higher-quality security mitigations in LLVM and other compilers.