What is your understanding of the OWASP Top 10, and how do you prevent injection, cross-site scripting, and broken authentication?