- ISO 27001:2013 standard
- Tokenization for Personally Identifiable Information (PII) such as national ID and phone number
- Follow OWASP guidelines
  - Security audit for every check-in against Top 10 mistakes
- Process - SDLC
  - Requirements
    - Security Requirements
    - Threat Modelling
  - Design
    - Security Architecture
    - Design Review
  - Coding
    - Static & Dynamic code analysis
    - Secure Code reviews
  - Integration
    - Security Testing
    - Penetration Testing
  - Validation
    - Secure Configurations
  - Production
- Authentication providers
  - OKTA SSO
  - O365 SSO
  - Supertokens - OpenSource
- Engineering Blog / OSS Work
Use this section to tell people about which versions of your project are currently being supported with security updates.

| Version | Supported |
|---|---|
| 5.1.x | ✅ |
| 5.0.x | ❌ |
| 4.0.x | ✅ |
| < 4.0 | ❌ |

Use this section to tell people how to report a vulnerability.
Tell them where to go, how often they can expect to get an update on a reported vulnerability, what to expect if the vulnerability is accepted or declined, etc.