Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
Run your own identity server : Running your own identity server allows you to act as an OpenID Provider. You could run one just for yourself, for a community of users or, if you wis...
Semgrep : Semgrep is a fast, open-source, static analysis tool that searches code, finds bugs, and enforces secure guardrails and coding standards. Semgrep supp...
API Security Checklist : Checklist of the most important security countermeasures when designing, testing, and releasing your API.
security.txt : A proposed standard which allows websites to define security policies.
