Best Practices for Security

Recommendations for developers focused on security.

This document collects content from our pentesters to help you secure your systems.

You want to start an application security program, and you have read through the 2021 version of the OWASP Top 10. This guide provides practical examples that you can use as patterns to secure your assets.

Available Articles

As articles are merged into this guide, they are listed in the following table with their release date and author.

Article                                        Release Date   Author
Protect Against XXE Attacks                    2022-12-02     Harsh Bothra
Insecure Deserialization                       2022-12-02     Farid Luhar
Prevent Insecure Design in SQL                 2022-10-21     Shashank Dixit
Protect Your APIs With Rate Limiting           2022-10-21     payloadartist
Prevent Server-Side Template Injections        2022-10-21     Shubham Chaskar
Validate User Input                            2022-08-19     payloadartist
Prevent Security Misconfiguration              2022-08-19     Shashank Dixit
Protect Against Server-Side Request Forgery    2022-08-19     Harsh Bothra

Validate User Input

An attack scenario showing how unvalidated user input can cost you money.

Prevent Security Misconfiguration

Configure your software properly to avoid security issues.

Protect Against Server-Side Request Forgery

Protect your app against SSRF attacks.

Protect Your APIs With Rate Limiting

Protect your APIs from abuse and resource exhaustion by enforcing rate limits.
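The following is an added example, not code from the guide or the article it links to: a per-client token-bucket limiter of the kind an API gateway or middleware would call before handling a request. The class name, the parameters and the demo clients are illustrative assumptions; the clock is injectable so the behaviour can be checked offline without sleeping.

```python
"""Per-client token-bucket rate limiter (added example, not the guide's own code).

Each client key (for example an API key or source IP) gets a bucket that holds at
most `capacity` tokens and refills at `refill_per_sec`. A request is allowed only
if a whole token is available; otherwise the caller should respond 429 and set
Retry-After from `retry_after()`. The clock is injectable for deterministic tests.
"""
import time
from dataclasses import dataclass


@dataclass
class _Bucket:
    tokens: float   # tokens currently available (may be fractional between refills)
    updated: float  # clock reading at the last refill


class TokenBucketLimiter:
    def __init__(self, capacity: int, refill_per_sec: float, clock=time.monotonic):
        if capacity <= 0 or refill_per_sec <= 0:
            raise ValueError("capacity and refill rate must be positive")
        self.capacity = capacity
        self.refill_per_sec = refill_per_sec
        self.clock = clock
        self._buckets: dict[str, _Bucket] = {}

    def _refill(self, key: str) -> _Bucket:
        """Credit tokens earned since the last update, capped at capacity."""
        now = self.clock()
        bucket = self._buckets.get(key)
        if bucket is None:
            # A new client starts with a full bucket (allows one initial burst).
            bucket = _Bucket(tokens=float(self.capacity), updated=now)
            self._buckets[key] = bucket
            return bucket
        elapsed = max(0.0, now - bucket.updated)  # guard against clock going backwards
        bucket.tokens = min(float(self.capacity), bucket.tokens + elapsed * self.refill_per_sec)
        bucket.updated = now
        return bucket

    def allow(self, key: str) -> bool:
        """Consume one token for `key` if available; False means reject (429)."""
        bucket = self._refill(key)
        if bucket.tokens >= 1.0:
            bucket.tokens -= 1.0
            return True
        return False

    def retry_after(self, key: str) -> float:
        """Seconds until the next request for `key` would be allowed (0.0 if now)."""
        bucket = self._refill(key)
        if bucket.tokens >= 1.0:
            return 0.0
        return (1.0 - bucket.tokens) / self.refill_per_sec


def simulate_burst(limiter: TokenBucketLimiter, key: str, n: int) -> int:
    """Send n requests for `key` at the same instant; return how many were allowed."""
    return sum(1 for _ in range(n) if limiter.allow(key))


if __name__ == "__main__":
    # Constructed demo: 5-request capacity, 1 token per second, fake clock.
    t = [0.0]
    lim = TokenBucketLimiter(capacity=5, refill_per_sec=1.0, clock=lambda: t[0])
    print(simulate_burst(lim, "client-a", 10))  # 5 allowed, 5 rejected
    print(lim.retry_after("client-a"))          # 1.0 second until the next token
    t[0] += 2.0                                  # two seconds pass
    print(simulate_burst(lim, "client-a", 10))  # 2 allowed (two tokens refilled)
```

Key the bucket on an identity the client cannot trivially change (authenticated API key or account, not only the source IP), and keep the bucket state in a shared store such as Redis when the API runs on more than one instance, otherwise each instance enforces its own, looser limit.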

Prevent Insecure Design in SQL

We address typical design flaws that appear when you set up SQL databases and write the queries against them.

Insecure Deserialization

Insecure Deserialization was one of the OWASP Top 10 web vulnerabilities in the 2017 edition (A8:2017); in the 2021 edition it is folded into A08:2021 Software and Data Integrity Failures.

Prevent Server-Side Template Injections

Keep your app safe from SSTI attacks.

Protect Against XXE Attacks

Securely configure your XML processor to prevent XXE attacks.

Last modified 2023-06-06