Worked on enhancing security in the apache/pinot repository by developing a configurable TLS protocol allowlist, enabling administrators to restrict supported TLS versions for improved compliance and safety. Hardened the JVM SSL initialization process to ensure that SSL setup failures do not block application startup, thereby increasing system robustness. Implemented comprehensive automated tests and diagnostics to validate the new TLS allowlist and SSL initialization behavior, ensuring reliability and maintainability. The work was carried out using Java, with a focus on security and testing best practices. This feature addressed both operational resilience and security requirements within the project’s core infrastructure.