Implemented backend security fixes including IDOR prevention and input sanitization for PDF generation, reducing unauthorized data access vectors on a portal serving 7,000 students. Enforced business logic constraints for NOC applications (rate limiting, duplicate detection within rolling windows) at the API layer, reducing policy violations. Built bulk delete functionality across backend routes and frontend UI, reducing repetitive admin effort for placement coordinators.