diff --git a/modules/default.nix b/modules/default.nix
index bbcc38b..90d3596 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -47,6 +47,9 @@
 ./virtualisation/default.nix
 ./virtualisation/gaming.nix
 
+ # Security
+ ./security/apparmor.nix
+
 # Pure options
 ./base.nix
 ];
diff --git a/modules/security/apparmor.nix b/modules/security/apparmor.nix
new file mode 100644
index 0000000..d5ad74d
--- /dev/null
+++ b/modules/security/apparmor.nix
@@ -0,0 +1,24 @@
+{ config, lib, pkgs, ... }:
+
+let
+ cfg = config.ptw.security.apparmor;
+in {
+ options.ptw.security.apparmor = {
+ enable = lib.mkEnableOption "Enable AppArmor";
+ };
+
+ config = lib.mkIf cfg.enable {
+ environment.systemPackages = with pkgs; [
+ apparmor-bin-utils
+ ];
+
+ services.dbus.apparmor = "enabled";
+ security.apparmor = {
+ enable = true;
+ enableCache = true;
+ includes = {
+ profiles = "${pkgs.apparmor-profiles}/etc/apparmor.d";
+ };
+ };
+ };
+}
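Review bot: In the `security.apparmor` block of `modules/security/apparmor.nix`, `includes.profiles` is given a store path, but as far as I know the nixpkgs option `security.apparmor.includes` maps a file name to file contents, so this probably writes a file named `profiles` under `/etc/apparmor.d` whose body is the path string instead of exposing the shipped profiles. The option meant for extending the include path is `packages = [ pkgs.apparmor-profiles ];`; please confirm against the nixpkgs revision this repository pins. Either way nothing in the module sets `security.apparmor.policies`, so with `enable = true` the host may end up with AppArmor active but no profile loaded by this module, which deserves a comment above the block and a check with `aa-status` after a rebuild. Separately, `lib.mkEnableOption` already prepends "Whether to enable", so the option would read better as `enable = lib.mkEnableOption "AppArmor";`.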