# OWASP/CheatSheetSeries

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/owasp-cheatsheetseries).**

31,387 stars · 4,381 forks · Python · cc-by-sa-4.0

## Links

- GitHub: https://github.com/OWASP/CheatSheetSeries
- Homepage: https://cheatsheetseries.owasp.org
- awesome-repositories: https://awesome-repositories.com/repository/owasp-cheatsheetseries.md

## Topics

`application-security` `appsec` `best-practices` `cheatsheets` `code` `owasp` `security`

## Description

The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and defensive coding patterns. It serves as a centralized knowledge base for developers and security professionals, providing actionable guidance to secure applications across the entire software development lifecycle. The project covers a vast array of security domains, ranging from fundamental web application hardening and authentication protocols to specialized controls for modern infrastructure and artificial intelligence systems.

What distinguishes this project is its decentralized, collaborative editorial process. By utilizing a version-controlled, markdown-based workflow, the series ensures that security guidance remains vendor-neutral, peer-reviewed, and universally accessible. This structure allows the community to rapidly evolve and maintain technical documentation, ensuring that defensive strategies keep pace with emerging threats and shifting technology stacks.

The project provides extensive coverage of critical security areas, including robust input validation, access control enforcement, and supply chain risk management. It offers detailed implementation guides for securing cloud-native architectures, containerized environments, and various language-specific frameworks. Furthermore, the series addresses advanced topics such as artificial intelligence agent safety, prompt injection prevention, and zero-trust architectural principles.

The documentation is maintained as an open-source repository, with content transformed into a navigable web format through automated static site generation.

## Tags

### Education & Learning Resources

- [Security Best Practices](https://awesome-repositories.com/f/education-learning-resources/security-best-practices.md) — Provides comprehensive security best practices and checklists for developers. ([source](https://cdn.jsdelivr.net/gh/OWASP/CheatSheetSeries@master/README.md))

### Security & Cryptography

- [Framework Security Modules](https://awesome-repositories.com/f/security-cryptography/framework-security-modules.md) — Implements robust access control and data protection settings specifically designed for the framework's security architecture. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Security_Terminology_Cheat_Sheet.html))
- [Injection Prevention](https://awesome-repositories.com/f/security-cryptography/injection-prevention.md) — Sanitizes all user inputs to ensure they cannot be interpreted as commands by backend systems. ([source](https://cheatsheetseries.owasp.org/cheatsheets/HTML5_Security_Cheat_Sheet.html))
- [LLM Prompt Injection Prevention](https://awesome-repositories.com/f/security-cryptography/llm-prompt-injection-prevention.md) — Provides input validation and sanitization techniques to prevent attackers from manipulating model behavior through malicious prompts. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Java_Security_Cheat_Sheet.html))
- [Access Control Policies](https://awesome-repositories.com/f/security-cryptography/access-control-policies.md) — Enforces strict access control policies ensuring users only interact with permitted data and functions. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Abuse_Case_Cheat_Sheet.html))
- [AI Agent Security](https://awesome-repositories.com/f/security-cryptography/ai-agent-security.md) — Provides security controls for artificial intelligence agents to prevent unauthorized access and malicious manipulation of automated decision-making processes. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Abuse_Case_Cheat_Sheet.html))
- [Credential Storage](https://awesome-repositories.com/f/security-cryptography/credential-storage.md) — Protects user passwords using strong, salted hashing algorithms to prevent unauthorized access and decryption attempts. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Network_Segmentation_Cheat_Sheet.html))
- [Cross-Site Scripting Prevention](https://awesome-repositories.com/f/security-cryptography/cross-site-scripting-prevention.md) — Provides robust sanitization and encoding to prevent malicious script injection. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html))
- [Multifactor Authentication](https://awesome-repositories.com/f/security-cryptography/multifactor-authentication.md) — Enforces identity verification requiring multiple forms of authentication to reduce the risk of unauthorized account access. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Logging_Vocabulary_Cheat_Sheet.html))
- [Query Parameterization](https://awesome-repositories.com/f/security-cryptography/query-parameterization.md) — Uses prepared statements to separate data from commands, preventing injection attacks. ([source](https://cheatsheetseries.owasp.org/cheatsheets/PHP_Configuration_Cheat_Sheet.html))
- [SQL Injection Prevention](https://awesome-repositories.com/f/security-cryptography/sql-injection-prevention.md) — Sanitizes database queries to ensure user input cannot be used to manipulate or extract unauthorized data. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Security_Terminology_Cheat_Sheet.html))
- [XSS Protections](https://awesome-repositories.com/f/security-cryptography/xss-protections.md) — Sanitizes user-supplied data to prevent malicious script execution in browsers. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html))
- [Zero Trust Architectures](https://awesome-repositories.com/f/security-cryptography/zero-trust-architectures.md) — Implements continuous verification of every request to ensure least-privilege access. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html))
- [AI Operations Security](https://awesome-repositories.com/f/security-cryptography/ai-operations-security.md) — Implements security controls throughout the machine learning model lifecycle to prevent unauthorized access, tampering, and model poisoning. ([source](https://cheatsheetseries.owasp.org/cheatsheets/SAML_Security_Cheat_Sheet.html))
- [Configuration Hardening](https://awesome-repositories.com/f/security-cryptography/configuration-hardening.md) — Implements security-focused configuration hardening for server and language environments to reduce the overall attack surface. ([source](https://cheatsheetseries.owasp.org/cheatsheets/PHP_Configuration_Cheat_Sheet.html))
- [CSRF Protections](https://awesome-repositories.com/f/security-cryptography/csrf-protections.md) — Validates state-changing requests to ensure they originate from authorized users. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html))
- [Data Encryption](https://awesome-repositories.com/f/security-cryptography/data-encryption.md) — Protects sensitive data at rest using strong encryption algorithms. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html))
- [Deserialization Security](https://awesome-repositories.com/f/security-cryptography/deserialization-security.md) — Validates serialized data before processing to prevent arbitrary code execution. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Dependency_Graph_SBOM_Cheat_Sheet.html))
- [Framework Security](https://awesome-repositories.com/f/security-cryptography/framework-security.md) — Provides security best practices for web service endpoints to prevent unauthorized access. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Dependency_Graph_SBOM_Cheat_Sheet.html))
- [Framework Security Hardening](https://awesome-repositories.com/f/security-cryptography/framework-security-hardening.md) — Provides framework-specific configurations to defend web applications against common security vulnerabilities and misconfiguration errors. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Dependency_Graph_SBOM_Cheat_Sheet.html))
- [HTTP Security Headers](https://awesome-repositories.com/f/security-cryptography/http-security-headers.md) — Configures security-focused response headers to enforce protective browser policies. ([source](https://cheatsheetseries.owasp.org/cheatsheets/HTML5_Security_Cheat_Sheet.html))
- [Infrastructure as Code Security](https://awesome-repositories.com/f/security-cryptography/infrastructure-as-code-security.md) — Scans configuration files to protect cloud environments from misconfigurations. ([source](https://cheatsheetseries.owasp.org/cheatsheets/HTML5_Security_Cheat_Sheet.html))
- [Insecure Direct Object Reference Prevention](https://awesome-repositories.com/f/security-cryptography/insecure-direct-object-reference-prevention.md) — Ensures users cannot manipulate identifiers to access objects they are not authorized to view. ([source](https://cheatsheetseries.owasp.org/cheatsheets/HTML5_Security_Cheat_Sheet.html))
- [Kubernetes Security](https://awesome-repositories.com/f/security-cryptography/kubernetes-security.md) — Hardens cluster configurations and network policies to prevent unauthorized access. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Java_Security_Cheat_Sheet.html))
- [Multi-Tenant Security](https://awesome-repositories.com/f/security-cryptography/multi-tenant-security.md) — Ensures data and resource isolation between users to prevent cross-tenant leakage. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Logging_Vocabulary_Cheat_Sheet.html))
- [OAuth2 Implementations](https://awesome-repositories.com/f/security-cryptography/oauth2-implementations.md) — Provides secure authorization flow configuration allowing users to grant limited access to resources without sharing primary credentials. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Network_Segmentation_Cheat_Sheet.html))
- [REST API Security](https://awesome-repositories.com/f/security-cryptography/rest-api-security.md) — Implements authentication, authorization, and rate limiting to protect web services. ([source](https://cheatsheetseries.owasp.org/cheatsheets/PHP_Configuration_Cheat_Sheet.html))
- [Service Communication Security](https://awesome-repositories.com/f/security-cryptography/service-communication-security.md) — Implements mutual authentication and encryption to secure communication channels between distributed microservices. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Logging_Vocabulary_Cheat_Sheet.html))
- [Session Management](https://awesome-repositories.com/f/security-cryptography/session-management.md) — Provides secure handling of user sessions to prevent hijacking and unauthorized access to protected accounts. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Security_Terminology_Cheat_Sheet.html))
- [Transport Layer Security](https://awesome-repositories.com/f/security-cryptography/transport-layer-security.md) — Ensures data confidentiality and integrity during transit between clients and servers. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Third_Party_Javascript_Management_Cheat_Sheet.html))
- [Business Logic Security](https://awesome-repositories.com/f/security-cryptography/business-logic-security.md) — Hardens critical application workflows to prevent attackers from manipulating core processes. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Bean_Validation_Cheat_Sheet.html))
- [Cloud Architecture Security](https://awesome-repositories.com/f/security-cryptography/cloud-architecture-security.md) — Defines architectural patterns that ensure data protection and resource isolation in cloud environments. ([source](https://cheatsheetseries.owasp.org/cheatsheets/SAML_Security_Cheat_Sheet.html))
- [Container Security](https://awesome-repositories.com/f/security-cryptography/container-security.md) — Hardens container images and runtime environments to prevent unauthorized access. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Dependency_Graph_SBOM_Cheat_Sheet.html))
- [Content Security Policies](https://awesome-repositories.com/f/security-cryptography/content-security-policies.md) — Defines allowed sources for scripts and styles to prevent malicious injections. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html))
- [Credential Stuffing Protections](https://awesome-repositories.com/f/security-cryptography/credential-stuffing-protections.md) — Provides rate limiting and anomaly detection to stop attackers from using stolen credentials to gain unauthorized access. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html))
- [Cryptographic Key Management](https://awesome-repositories.com/f/security-cryptography/cryptographic-key-management.md) — Ensures secure storage and rotation of sensitive keys for encrypted data. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Java_Security_Cheat_Sheet.html))
- [Database Access Control](https://awesome-repositories.com/f/security-cryptography/database-access-control.md) — Enforces least-privilege access controls to protect stored data from unauthorized manipulation. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html))
- [DOM-based XSS Protections](https://awesome-repositories.com/f/security-cryptography/dom-based-xss-protections.md) — Sanitizes client-side data handling to prevent malicious script execution in the browser. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Dependency_Graph_SBOM_Cheat_Sheet.html))
- [HSTS](https://awesome-repositories.com/f/security-cryptography/hsts.md) — Enforces encrypted connections for all traffic to prevent eavesdropping and man-in-the-middle attacks. ([source](https://cheatsheetseries.owasp.org/cheatsheets/HTML5_Security_Cheat_Sheet.html))
- [Identity Verification](https://awesome-repositories.com/f/security-cryptography/identity-verification.md) — Ensures only authorized users gain access to protected application resources and data through robust identity verification mechanisms. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Abuse_Case_Cheat_Sheet.html))
- [Mass Assignment Prevention](https://awesome-repositories.com/f/security-cryptography/mass-assignment-prevention.md) — Restricts user input fields to prevent attackers from modifying sensitive data or escalating privileges. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Logging_Vocabulary_Cheat_Sheet.html))
- [Microservices Security](https://awesome-repositories.com/f/security-cryptography/microservices-security.md) — Applies defense-in-depth principles to ensure individual services remain protected. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Logging_Vocabulary_Cheat_Sheet.html))
- [Mobile Application Security](https://awesome-repositories.com/f/security-cryptography/mobile-application-security.md) — Protects mobile data and prevents unauthorized access to device features and sensors. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Logging_Vocabulary_Cheat_Sheet.html))
- [OS Command Injection Prevention](https://awesome-repositories.com/f/security-cryptography/os-command-injection-prevention.md) — Sanitizes inputs passed to system commands to prevent unauthorized code execution on the underlying operating system. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Network_Segmentation_Cheat_Sheet.html))
- [Retrieval-Augmented Generation Security](https://awesome-repositories.com/f/security-cryptography/retrieval-augmented-generation-security.md) — Implements access controls and input validation to prevent unauthorized exposure of sensitive data during the retrieval process. ([source](https://cheatsheetseries.owasp.org/cheatsheets/PHP_Configuration_Cheat_Sheet.html))
- [Secrets Management](https://awesome-repositories.com/f/security-cryptography/secrets-management.md) — Provides secure storage and access for credentials and tokens to prevent unauthorized exposure. ([source](https://cheatsheetseries.owasp.org/cheatsheets/SAML_Security_Cheat_Sheet.html))
- [SSRF Protections](https://awesome-repositories.com/f/security-cryptography/ssrf-protections.md) — Validates server-side requests to ensure they originate from trusted sources. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Security_Terminology_Cheat_Sheet.html))
- [Threat Modeling](https://awesome-repositories.com/f/security-cryptography/threat-modeling.md) — Identifies and prioritizes potential threats to inform the selection of security controls. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Third_Party_Javascript_Management_Cheat_Sheet.html))
- [Web Service Security](https://awesome-repositories.com/f/security-cryptography/web-service-security.md) — Implements authentication and encryption for web service interfaces to prevent unauthorized access. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html))
- [Authorization Testing](https://awesome-repositories.com/f/security-cryptography/authorization-testing.md) — Provides automated verification of access control logic to ensure permissions remain correctly enforced. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Abuse_Case_Cheat_Sheet.html))
- [Cookie Security](https://awesome-repositories.com/f/security-cryptography/cookie-security.md) — Enforces secure attributes and storage practices to prevent unauthorized session cookie access. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html))
- [Cryptographic Implementations](https://awesome-repositories.com/f/security-cryptography/cryptographic-implementations.md) — Implements secure cryptographic practices for generating and validating security tokens. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Java_Security_Cheat_Sheet.html))
- [Denial of Service Prevention](https://awesome-repositories.com/f/security-cryptography/denial-of-service-prevention.md) — Implements resource limits and traffic filtering to ensure application availability during traffic spikes. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html))
- [File Upload Security](https://awesome-repositories.com/f/security-cryptography/file-upload-security.md) — Validates file types and contents to prevent the upload of malicious scripts. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Drone_Security_Cheat_Sheet.html))
- [GraphQL Security](https://awesome-repositories.com/f/security-cryptography/graphql-security.md) — Limits query depth and enforces field-level authorization to prevent resource exhaustion. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Drone_Security_Cheat_Sheet.html))
- [Identity Management](https://awesome-repositories.com/f/security-cryptography/identity-management.md) — Configures authentication and authorization services to ensure secure identity management. ([source](https://cheatsheetseries.owasp.org/cheatsheets/HTML5_Security_Cheat_Sheet.html))
- [Model Context Protocol Security](https://awesome-repositories.com/f/security-cryptography/model-context-protocol-security.md) — Ensures safe and authorized interaction between artificial intelligence models and external tools via context protocols. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Logging_Vocabulary_Cheat_Sheet.html))
- [Password Recovery Workflows](https://awesome-repositories.com/f/security-cryptography/password-recovery-workflows.md) — Implements secure workflows for resetting user credentials to prevent account hijacking through weak recovery processes. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Drone_Security_Cheat_Sheet.html))
- [Payment Gateway Security](https://awesome-repositories.com/f/security-cryptography/payment-gateway-security.md) — Validates communication patterns for secure payment processing through third-party services. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Third_Party_Javascript_Management_Cheat_Sheet.html))
- [SAML Integrations](https://awesome-repositories.com/f/security-cryptography/saml-integrations.md) — Configures identity exchange protocols to ensure secure authentication and authorization across different domains and service providers. ([source](https://cheatsheetseries.owasp.org/cheatsheets/SAML_Security_Cheat_Sheet.html))
- [Serverless Security](https://awesome-repositories.com/f/security-cryptography/serverless-security.md) — Implements security controls for ephemeral serverless execution environments to prevent resource abuse. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Security_Terminology_Cheat_Sheet.html))
- [User Privacy Protection](https://awesome-repositories.com/f/security-cryptography/user-privacy-protection.md) — Implements data minimization and access controls to ensure user information remains confidential. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Third_Party_Javascript_Management_Cheat_Sheet.html))
- [WebSocket Security](https://awesome-repositories.com/f/security-cryptography/websocket-security.md) — Secures persistent connections through authentication and input validation to prevent data injection. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html))
- [XML External Entity Prevention](https://awesome-repositories.com/f/security-cryptography/xml-external-entity-prevention.md) — Disables dangerous features in XML parsers to prevent unauthorized access through external entities. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html))
- [AI-Generated Code Validation](https://awesome-repositories.com/f/security-cryptography/ai-generated-code-validation.md) — Ensures code generated by artificial intelligence remains free of vulnerabilities and follows safe coding practices. ([source](https://cheatsheetseries.owasp.org/cheatsheets/SAML_Security_Cheat_Sheet.html))
- [Application Security Standards](https://awesome-repositories.com/f/security-cryptography/application-security-standards.md) — Establishes baseline security requirements for modern software development lifecycles.
- [Attack Surface Analysis](https://awesome-repositories.com/f/security-cryptography/attack-surface-analysis.md) — Maps entry points and exposed interfaces to identify potential vulnerabilities. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Abuse_Case_Cheat_Sheet.html))
- [Bot Management](https://awesome-repositories.com/f/security-cryptography/bot-management.md) — Detects and blocks automated malicious traffic while ensuring legitimate user access. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Bean_Validation_Cheat_Sheet.html))
- [Certificate Pinning](https://awesome-repositories.com/f/security-cryptography/certificate-pinning.md) — Restricts trusted certificates to prevent man-in-the-middle attacks on encrypted channels. ([source](https://cheatsheetseries.owasp.org/cheatsheets/PHP_Configuration_Cheat_Sheet.html))
- [Drone Communication Security](https://awesome-repositories.com/f/security-cryptography/drone-communication-security.md) — Implements robust authentication and encryption for drone communication channels to prevent unauthorized control. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Drone_Security_Cheat_Sheet.html))
- [gRPC Security](https://awesome-repositories.com/f/security-cryptography/grpc-security.md) — Provides authentication and encryption for remote procedure calls between distributed services. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Drone_Security_Cheat_Sheet.html))
- [Language Security Patterns](https://awesome-repositories.com/f/security-cryptography/language-security-patterns.md) — Enforces strict input validation and secure coding patterns to protect software from vulnerabilities. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Java_Security_Cheat_Sheet.html))
- [Network Segmentation](https://awesome-repositories.com/f/security-cryptography/network-segmentation.md) — Provides strategies for isolating network segments to limit lateral movement during security incidents. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Network_Segmentation_Cheat_Sheet.html))
- [NoSQL Security](https://awesome-repositories.com/f/security-cryptography/nosql-security.md) — Implements access controls and query sanitization to prevent unauthorized data access in NoSQL databases. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Network_Segmentation_Cheat_Sheet.html))
- [Prototype Pollution Protections](https://awesome-repositories.com/f/security-cryptography/prototype-pollution-protections.md) — Validates object property assignments to prevent unauthorized modification of runtime behavior. ([source](https://cheatsheetseries.owasp.org/cheatsheets/PHP_Configuration_Cheat_Sheet.html))
- [Security Logging Management](https://awesome-repositories.com/f/security-cryptography/security-logging-management.md) — Records security-relevant events in a structured format to facilitate incident response. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Java_Security_Cheat_Sheet.html))
- [Server Hardening](https://awesome-repositories.com/f/security-cryptography/server-hardening.md) — Hardens server-side execution contexts to prevent common vulnerabilities. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Network_Segmentation_Cheat_Sheet.html))
- [Third-Party Script Security](https://awesome-repositories.com/f/security-cryptography/third-party-script-security.md) — Restricts external script execution to prevent unauthorized data collection and malicious behavior. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Third_Party_Javascript_Management_Cheat_Sheet.html))
- [Transaction Authorization](https://awesome-repositories.com/f/security-cryptography/transaction-authorization.md) — Verifies financial or sensitive actions to prevent unauthorized operations. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Third_Party_Javascript_Management_Cheat_Sheet.html))

### DevOps & Infrastructure

- [Supply Chain Security](https://awesome-repositories.com/f/devops-infrastructure/supply-chain-security.md) — Verifies software components and build processes to prevent the introduction of malicious code. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Security_Terminology_Cheat_Sheet.html))
- [Pipeline Security](https://awesome-repositories.com/f/devops-infrastructure/pipeline-security.md) — Protects automated build and deployment pipelines from unauthorized access and malicious code injection. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Bean_Validation_Cheat_Sheet.html))
- [Vulnerability Management](https://awesome-repositories.com/f/devops-infrastructure/vulnerability-management.md) — Monitors and updates third-party libraries to ensure known security flaws are addressed. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html))
- [Workflow Security](https://awesome-repositories.com/f/devops-infrastructure/workflow-security.md) — Configures workflow permissions and secrets to prevent unauthorized access to build environments. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Drone_Security_Cheat_Sheet.html))
- [Cloud Infrastructure Security](https://awesome-repositories.com/f/devops-infrastructure/cloud-infrastructure-security.md) — Secures modern infrastructure environments through hardened configuration and architectural best practices.
- [Package Security](https://awesome-repositories.com/f/devops-infrastructure/package-security.md) — Audits third-party dependencies to prevent the inclusion of malicious code. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Network_Segmentation_Cheat_Sheet.html))
- [Dependency Tracking](https://awesome-repositories.com/f/devops-infrastructure/dependency-tracking.md) — Monitors third-party components to identify risks from vulnerable or outdated libraries. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Dependency_Graph_SBOM_Cheat_Sheet.html))

### Web Development

- [Web Security Hardening](https://awesome-repositories.com/f/web-development/web-security-hardening.md) — Protects web applications against common vulnerabilities like injection and cross-site scripting.

### Software Engineering & Architecture

- [Secure Development Lifecycles](https://awesome-repositories.com/f/software-engineering-architecture/secure-development-lifecycles.md) — Implements industry-standard security practices throughout the design, development, and deployment phases.
- [Supply Chain Security](https://awesome-repositories.com/f/software-engineering-architecture/supply-chain-security.md) — Identifies and mitigates risks associated with third-party libraries and automated build pipelines.
- [Threat Modeling](https://awesome-repositories.com/f/software-engineering-architecture/threat-modeling.md) — Designs resilient systems by proactively identifying potential attack vectors and establishing security controls.

### Testing & Quality Assurance

- [Input Validation](https://awesome-repositories.com/f/testing-quality-assurance/input-validation.md) — Enforces strict allow-lists for all incoming data to ensure only expected formats reach application logic. ([source](https://cheatsheetseries.owasp.org/cheatsheets/HTML5_Security_Cheat_Sheet.html))

### Development Tools & Productivity

- [Build Toolchain Hardening](https://awesome-repositories.com/f/development-tools-productivity/build-toolchain-hardening.md) — Configures development and build environments to prevent malicious code injection during the compilation process. ([source](https://cheatsheetseries.owasp.org/cheatsheets/Bean_Validation_Cheat_Sheet.html))
- [Static Site Generators](https://awesome-repositories.com/f/development-tools-productivity/static-site-generators.md) — Transforms source documentation into a navigable web format during the build process for high performance and accessibility.
