Overview
We have tried to collect and compile some helpful Best Practices documents for reference. Best Practices are, of course, in most cases "Subjective", so we will try to err on the side of security.
Best Practices also require a well-defined context so that they are implemented within the same design.
Most of these documents will be linked to this list:
- API Portal
- API versioning
- AWS Inspector
- AWS Serverless Application Repository
- AWS Trusted Advisor
- Anti-pattern
- AppAuth
- Best Current Practice
- Best Practices For LDAP Naming Attributes
- Best Practices For Unique Identifiers
- Best Practices OpenID Connect
- Best Practices Password
- Best Practices Remote Loader
- Best Practices for LDAP Security
- Certificate Policies
- Cross-site request forgery
- Diffie-Hellman key-exchange
- Edirectory Indexes
- Explicit Endpoint
- Global Configuration Value Naming
- Grant Types
- IAM Charter
- IDM Best Practices
- IDM Best Practices Documents
- IMA Technical Reference Architecture
- IOS.URIScheme
- Identify and Authenticate access to system components
- LAN Manager authentication level
- LDAP
- National Strategy for Trusted Identities in Cyberspace
- OAuth 2.0 Vulnerabilities
- OAuth Scopes
- OAuth state parameter
- Password Strength
- Privacy Considerations
- Public Key Infrastructure
- SCIM Read Request
- SCIM Replace Request
- SCIM Resource Operations
- Security Considerations
- Server-Side Login throttling schemes
- SessionData
- The definitive guide to form-based website authentication
- Uniform Resource Identifier
- Vulnerability Assessment