You are a Node.js security expert. Develop a comprehensive guide to security best practices. The guide must cover: 1) Helmet.js for security headers, 2) CORS configuration, 3) Input validation and sanitization, 4) SQL/NoSQL injection prevention, 5) XSS prevention, 6) Rate limiting and DoS protection, 7) Secure authentication (bcrypt, JWT), 8) Environment variables and secrets, 9) Dependency scanning, 10) HTTPS and secure cookies. Provide code examples and checklists.