How do I secure my Vercel deployment?
Start by adding security headers through middleware or next.config.js, including Content-Security-Policy, Permissions-Policy, and Referrer-Policy. Enable Deployment Protection for preview deployments to prevent unauthorized access to staging environments. Audit your environment variables to ensure no secrets are prefixed with NEXT_PUBLIC_ and use server-side API routes to proxy sensitive API calls. Implement rate limiting on API routes and enable Vercel Firewall rules if available on your plan. UNPWNED provides a comprehensive security assessment of your Vercel deployment and generates a prioritized list of fixes to harden your application.
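One way to apply the header and environment-variable steps above in next.config.js, as an added example that is not code from UNPWNED or Vercel. The header values are a constructed baseline to tune per app, and `findExposedSecrets` with its name pattern is a hypothetical heuristic, not a Next.js API.

```javascript
// next.config.js (added example; policy values are a constructed baseline)
const csp = [
  "default-src 'self'",
  "script-src 'self'", // assumption: relax or use nonces if your app needs inline scripts
  "style-src 'self' 'unsafe-inline'",
  "img-src 'self' data:",
  "object-src 'none'",
  "base-uri 'self'",
  "form-action 'self'",
  "frame-ancestors 'none'",
].join("; ");

const securityHeaders = [
  { key: "Content-Security-Policy", value: csp },
  { key: "Permissions-Policy", value: "camera=(), microphone=(), geolocation=()" },
  { key: "Referrer-Policy", value: "strict-origin-when-cross-origin" },
];

// Hypothetical helper: NEXT_PUBLIC_ variables are inlined into the client bundle,
// so flag any whose name suggests a secret. Name matching is only a heuristic;
// pass deliberately public names in `allow`.
const SECRET_HINT = /(SECRET|TOKEN|PASSWORD|PRIVATE|API_?KEY|CREDENTIAL)/i;
function findExposedSecrets(env, allow = []) {
  return Object.keys(env)
    .filter((name) => name.startsWith("NEXT_PUBLIC_"))
    .filter((name) => SECRET_HINT.test(name) && !allow.includes(name))
    .sort();
}

// Fail the build instead of shipping a secret-looking variable to the browser.
const exposed = findExposedSecrets(process.env);
if (exposed.length > 0) {
  throw new Error(`Secret-looking variables exposed to the client: ${exposed.join(", ")}`);
}

const nextConfig = {
  // Attach the headers to every route.
  async headers() {
    return [{ source: "/:path*", headers: securityHeaders }];
  },
};

// Guarded so the file also loads where `module` is not defined.
if (typeof module !== "undefined") module.exports = nextConfig;
```

After deploying, confirm the three headers appear on a response from both a page route and an API route.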
Last reviewed: 2026-04-07. Based on publicly available security research and UNPWNED scan telemetry.