Security Security is built-in, not bolted-on. Every feature, endpoint, and data flow must consider security implications. OWASP Top 10 (2025) | # | Vulnerability | Prevention | | --- | ---------------------------------- | ----------------------------------------------- | | 1 | Broken Access Control | Verify permissions server-side, default deny | | 2 | Security Misconfiguration | Secure defaults, remove unused features | | 3 | Software Supply Chain Failures | SBOM, dependency scanning, signed builds | | 4 | Cryptographic Failures | Use TLS, hash passwords (argon2id), encrypt PII | | 5 | Injec…