What security checks can QA add without being a security engineer?

QA can add practical security checks: - Auth/authz regression tests - Input validation and error handling - Basic OWASP checks for critical endpoints - Dependency and config sanity checks QA should partner with security for deeper testing, but can catch many common issues early with automated checks.