Security

Cryptography, certificates, and security frameworks

43 Total Items | 34 Standards | 4 Best Practices | 1 Products

Standards

TLS 1.0 (RFC 2246)

by Internet Engineering Task Force

tls-1-0

TLS 1.1 (RFC 4346)

by Internet Engineering Task Force

tls-1-1

TLS 1.2 (RFC 5246)

by Internet Engineering Task Force

tls-1-2

TLS 1.3 (RFC 8446)

by Internet Engineering Task Force

tls-1-3

ISO/IEC 27001:2022

by ISO/IEC Joint Technical Committee

iso-27001-2022

ISO/IEC 27002:2022

by ISO/IEC Joint Technical Committee

iso-27002-2022

ISO/IEC 27017:2015 (Cloud Controls)

by ISO/IEC Joint Technical Committee

iso-27017-2015

ISO/IEC 27018:2019 (Cloud PII)

by ISO/IEC Joint Technical Committee

iso-27018-2019

ISO/IEC 27701:2019 (Privacy)

by ISO/IEC Joint Technical Committee

iso-27701-2019

NIST SP 800-53 Rev 5

by National Institute of Standards and Technology

nist-800-53-r5

NIST SP 800-171 Rev 3

by National Institute of Standards and Technology

nist-800-171-r3

CIS Benchmarks Kubernetes v1.7

by Center for Internet Security

cis-kubernetes-1-7

OWASP ASVS 4.0

by OWASP Foundation

owasp-asvs-4-0

ISO/IEC 9594-8:2017 (X.509)

by ISO/IEC Joint Technical Committee

x509-2017

PKCS #12 v1.1

by RSA Security

pkcs12-v1-1

PKCS #7 / CMS (RFC 5652)

by Internet Engineering Task Force

pkcs7-rfc-5652

RFC 6962 (Cert Transparency)

by Internet Engineering Task Force

rfc-6962

RFC 5280 (PKIX)

by Internet Engineering Task Force

rfc-5280

RFC 7515 (JWS)

by Internet Engineering Task Force

jws-rfc-7515

ISO/IEC 9798-3:2014

by ISO/IEC Joint Technical Committee

iso-9798-3-2014

ISO/IEC 15408-1:2022 (Common Criteria)

by ISO/IEC Joint Technical Committee

iso-15408-1-2022

ISO/IEC 7816-4:2020 (Smart Cards)

by ISO/IEC Joint Technical Committee

iso-7816-4-2020

ISO/IEC 29147:2018 (Vuln Disclosure)

by ISO/IEC Joint Technical Committee

iso-29147-2018

ISO/IEC 30111:2019 (Vulnerability Handling)

by ISO/IEC Joint Technical Committee

iso-30111-2019

MITRE CWE 4.11

by MITRE Corporation

cwe-4-11

MITRE ATT&CK v14

by MITRE Corporation

mitre-attack-v14

CAPEC v3.9

by MITRE Corporation

capec-3-9

BSIMM13

by Synopsys

bsimm-13

OWASP Top 10 2023

by OWASP Foundation

owasp-top10-2023

RFC 9193 (SFrame Media Encryption)

by Internet Engineering Task Force

rfc-9193

SLSA v1 (Supply-Chain Levels)

by Open Source Security Foundation

slsa-v1

OpenSSF Scorecard 4.10

by Open Source Security Foundation

openssf-scorecard-4-10

CycloneDX 1.6 (SBOM)

by Linux Foundation

cyclonedx-1-6

SPDX 3.0

by Linux Foundation

spdx-3-0

Best Practices

CycloneDX SBOM Specification

Lightweight Bill-of-Materials standard for software components, vulnerabilities, and licenses.

by OWASP Foundation

Infrastructure-as-Code Security Playbook

Best practices for securing Terraform, CloudFormation, and ARM templates in CI/CD pipelines.

by HashiCorp & Bridgecrew

CNCF Cloud-Native Security Whitepaper

Guidance on building, shipping, and running secure cloud-native applications.

by CNCF Security TAG

Container Image Hardening Guide

Steps to build minimal, non-root, signed container images with SBOMs.

by CIS & Docker

Products & Technologies

HashiCorp Vault

Secrets management and data protection

Tutorials

Implementing OAuth 2.0 Authentication

Add OAuth 2.0 authentication to your application

Checklists

Security Migration Checklist

Security-focused checklist for any migration project