Security - Coggle Diagram
Security
tools and practices
code reviews
static code analysis
Groom for security requirements
enforce policies
ci/cd
enforce least privilege
by default highest role in controllers
threat modeling/mitigation
OWASP Top 10 web application security risks
Tactics
access control
authorization
role based
authentication
secure coding practices
https://owasp.org/www-pdf-archive/OWASP_SCP_Quick_Reference_Guide_v2.pdf
auditing
third party library analysis
encryption
at rest
in transit
hashing
different algorithms
isolation
private network
peering
patterns/concepts
zero trust
white labeling
key vaults
not in source code
logging and monitoring
multi-factor authentication
authentication providers
hosting / infrastructure
vnet
firewall
ip restrictions
cloud vendor enforcement
blob encryption
DB encryption
access controls
security audits/recommendations
https
why security
data confidentiality
data integrity
unauthorized actions