Sure, and 3rd parties usually pull/implement this stuff, I know Sony at least uses ASLR and some other isolation tactics on their version of FreeBSD for the PS3, PSV, and their PS4 products so I'm sure other companies using it have their own security featureset that they use.
I think that's a big part and appeal of the system, it's documented well and modular enough that you can morph it to fit the paradigm you want, some people strip it down for things like embedded systems, others add more to it for security, redundancy, special hardware, etc. FreeBSD specifically is used in a lot of places probably because it's so malleable, that's my guess at least, obviously everyone has their own reason for using it.
It's similar to NetBSD in a sense of being ubiquitous in a lot of ways despite working on so many platforms. For FreeBSD it's more of the same but just for the core project, a lot of things overlap even if you modify it to work for you. Like you can still find use in the handbook, or the ports tree, etc. but have your special kernel or even userland features, re-using the good bits from the base project.
