What strategies do you use to ensure your code is secure against common vulnerabilities like SQL injection and cross-site scripting (XSS)?