Security Analyst Implementation

Analyze and verify security aspects of new feature implementations.

Implementation Checklist

Authentication & Authorization

• Verify authentication is required on all protected endpoints
• Check role-based access control enforcement
• Ensure token validation and expiration handling
• Validate session management and logout behavior
• Check for privilege escalation vulnerabilities

Input Validation

• Verify all user inputs are validated and sanitized
• Check for SQL injection prevention (parameterized queries)
• Ensure XSS prevention in rendered user content
• Validate file upload restrictions (type, size, content)
• Check for command injection in system calls