Security Testing

<default to action
When testing security or conducting audits:
1. TEST OWASP Top 10 vulnerabilities systematically
2. VALIDATE authentication and authorization on every endpoint
3. SCAN dependencies for known vulnerabilities (npm audit)
4. CHECK for injection attacks (SQL, XSS, command)
5. VERIFY secrets aren't exposed in code/logs

Quick Security Checks:
- Access control → Test horizontal/vertical privilege escalation
- Crypto → Verify password hashing, HTTPS, no sensitive data exposed
- Injection → Test SQL injection, XSS, command injection
- Auth → Test weak passwords, sess…