Dr. Vinay Kumar Yadav.

Evidence · 03

How do you think about security?

As a zero-trust audit, then remediation mapped to specific threats — not a checklist of buzzwords bolted on afterward.

ControlThreat mitigatedImplementationStatus
JWT denylistStolen or leaked token reused after logoutRevoked tokens tracked server-side and checked on every authenticated requestEnforced
bcrypt hashingCredential or OTP database leakPasswords and OTPs bcrypt-hashed before storage — never stored in plaintextEnforced
IDOR / authz guardsCross-account access to another user's dataExplicit ownership checks on every resource route, verified in a zero-trust auditFixed
OTP rate limitingBrute-force OTP guessing5 attempts per 30 minutes, then lockedCapped
PII maskingContact leakage before a tenant paysOwner and tenant phone numbers stay masked until a paid unlock clearsEnforced
Stored XSS remediationMalicious script injected via listing contentInput sanitized and output-encoded; found and fixed during a zero-trust security auditFixed
Money / PII audit loggingUndetected fraud or data misuseEvery payment event and PII access is written to an audit logEnforced
Prod fail-fast configSilent misconfiguration reaching productionApp refuses to boot in production if dev-only settings or secrets are detectedEnforced
Webhook signature verificationSpoofed WhatsApp/Meta webhook payloadsEvery inbound webhook is signature-checked before it's processedEnforced

Philosophy

Assume the request is hostile, then prove it isn't

Every control above exists because a specific attack path was named first: token replay, credential leak, cross-account access, brute force, contact scraping, script injection, silent misconfiguration, forged webhooks. None of them were added speculatively — each maps to a threat identified in a zero-trust security audit and closed with a verifiable fix, not a policy document.

Full context in the ConfirmHai case study →