Oh yes there is. ARMv9 MTE, Titan M2 secure element supporting Android Verified Boot, StrongBox (https://source.android.com/docs/security/features/keystore), Weaver, Hardware key attestation and Insider attack resistance, as well as a programmable USB controller that allows the user to fully disable USB-C (while the device is locked) on a hardware level. Pixels also have hardware support for full Wi-Fi MAC address randomization, and all radios are completely separated from the main system through IOMMU. I recommend this video, it’s a pretty good breakdown of some of the hardware security features + the GrapheneOS privacy/security improvements.