Bcrypt password hashing Rate-limited AI endpoints (5 req/min) Audit logging with injection detection Prompt injection defense in ATS service HSTS + full security headers ...