I Spent a Week Securing Webhook Ingestion. The Real Attack Surface Was Delivery.
I ran the security review two weeks after the first deployment. The ingestion side looked solid: HMAC signature verification using crypto.timingSafeEqual, rate limiting at 1,000 requests per minute, payload size capped at 1MB, idempotency deduplicati...
kingsleyonoh.hashnode.dev · 7 min read