Security Heuristics
Prevent problems before they happen
What can go wrong?
Model possible threats
Simpler the system, smaller the attack surface
Validate
Sanitize
Isolate
Donβt try to roll your own security solutions, itβs a community effort
also see:
Pick a Vulnerability to Learn About
Best practices for managing & storing secrets like API keys and other credentials [2020]
https://stackoverflow.com/questions/2794016/what-should-every-programmer-know-about-security