Chapter 5

The Grit Defensive Stack

Sentinel, security headers, CSRF, audit log — wire them all.

~21 min total, 3 lessons, assignment

By the end of this chapter you'll be able to

  • Enable + tune each defence
  • Understand what each blocks and what it doesn't

Chapter assignment

Full defence audit

Verify every defence is enabled + tuned: Sentinel limits, CSP headers, CSRF on form endpoints, audit log on sensitive ops. Document each in a `SECURITY.md` at the repo root.

Lesson 1 takes ~7 min.
