Security
Hardening
Reducing attack surface and making the most likely vulnerabilities significantly harder to exploit. Defense in depth, not security theater.
Authentication Hardening
Secure session management, CSRF protection, rate limiting on auth endpoints, account lockout policies, and MFA implementation.
HTTP Security Headers
CSP, HSTS, X-Frame-Options, referrer policy, and permissions policy — configured correctly for your specific application, not just copied from a template.
Secrets Management
Rotating exposed secrets, migrating from hardcoded env vars to proper vaults (AWS Secrets Manager, Doppler), and auditing secret sprawl.
Database Security
Row-level security policies, principle of least privilege on DB roles, encryption at rest, and connection security configuration.
Container & Runtime Security
Non-root containers, read-only filesystems, resource limits, network policies, and image scanning in CI to stop vulnerable images from deploying.