🔐 Security Checklist

Autogenerated by Copilot, Need Updates

Security Test Check

XSS
CSRF
SQL Injection
Clickjacking
Memory Leak
Input Sanitation
Containerization
Exposed Private Environment
No Public Bucket (all bucket must private)

XSS

Cross-site scripting (XSS) is a type of security vulnerability typically found in web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users.

Prevention

Use Content Security Policy (CSP) to prevent XSS attacks
Use X-XSS-Protection to prevent XSS attacks
Use X-Content-Type-Options to prevent XSS attacks
Use HTTPOnly to prevent XSS attacks
Use Secure to prevent XSS attacks
Use SameSite to prevent XSS attacks
Use Escape Output to prevent XSS attacks

CSRF

Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated.

Prevention

Use CSRF Token to prevent CSRF attacks
Use SameSite to prevent CSRF attacks
Use CORS to prevent CSRF attacks
Use Origin to prevent CSRF attacks
Use Referer to prevent CSRF attacks
Use Double Submit Cookie to prevent CSRF attacks

SQL Injection

SQL injection is a code injection technique that might destroy your database.

Prevention

Use Prepared Statements to prevent SQL Injection
Use Parameterized Queries to prevent SQL Injection
Use Stored Procedures to prevent SQL Injection
Use ORM to prevent SQL Injection
Use Input Sanitization to prevent SQL Injection

Clickjacking

Clickjacking is a malicious technique of tricking a user into clicking on something different from what the user perceives, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages.

Prevention

Use X-Frame-Options to prevent Clickjacking
Use Content Security Policy (CSP) to prevent Clickjacking
Use Frame Ancestors to prevent Clickjacking

Memory Leak

A memory leak is a type of resource leak that occurs when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released.

Prevention

Use Memory Profiling to prevent Memory Leak
Use Memory Management to prevent Memory Leak
Use Garbage Collection to prevent Memory Leak
Use Memory Leak Detection to prevent Memory Leak

Input Sanitation

Input sanitation is the process of cleaning data from any input that is used by an application. This is done to prevent any malicious data from being executed by the application.

Prevention

Use Input Validation to prevent Input Sanitation
Use Input Filtering to prevent Input Sanitation
Use Input Escaping to prevent Input Sanitation
Use Input Encoding to prevent Input Sanitation
Use Input Sanitization to prevent Input Sanitation

Containerization

Containerization is a lightweight alternative to full machine virtualization that involves encapsulating an application in a container with its own operating environment.

Prevention

Use Docker to prevent Containerization
Use Kubernetes to prevent Containerization
Use Podman to prevent Containerization
Use LXC to prevent Containerization
Use LXD to prevent Containerization

Exposed Private Environment

Exposed private environment is a condition where the private environment is exposed to the public.

Prevention

Use Private Network to prevent Exposed Private Environment
Use VPN to prevent Exposed Private Environment
Use Firewall to prevent Exposed Private Environment
Use Security Group to prevent Exposed Private Environment

No Public Bucket

All bucket must private

Prevention

Use Private Bucket to prevent No Public Bucket
Use Bucket Policy to prevent No Public Bucket
Use ACL to prevent No Public Bucket
Use IAM to prevent No Public Bucket
Use VPC Endpoint to prevent No Public Bucket
Use CloudFront to prevent No Public Bucket
Use Origin Access Identity to prevent No Public Bucket
Use Signed URL to prevent No Public Bucket
Use Signed Cookie to prevent No Public Bucket
Use Pre-Signed URL to prevent No Public Bucket
Use Pre-Signed Cookie to prevent No Public Bucket
Use CloudFront Signed URL to prevent No Public Bucket
Use CloudFront Signed Cookie to prevent No Public Bucket
Use CloudFront Pre-Signed URL to prevent No Public Bucket
Use CloudFront Pre-Signed Cookie to prevent No Public Bucket
Use CloudFront Origin Access Identity to prevent No Public Bucket
Use CloudFront Origin Access Identity to prevent No Public Bucket
Use CloudFront Origin Access Identity to prevent No Public Bucket
Use CloudFront Origin Access Identity to prevent No Public Bucket

Security Test Check

XSS​

Prevention​

CSRF​

Prevention​

SQL Injection​

Prevention​

Clickjacking​

Prevention​

Memory Leak​

Prevention​

Input Sanitation​

Prevention​

Containerization​

Prevention​

Exposed Private Environment​

Prevention​

No Public Bucket​

Prevention​

References​

XSS

Prevention

CSRF

Prevention

SQL Injection

Prevention

Clickjacking

Prevention

Memory Leak

Prevention

Input Sanitation

Prevention

Containerization

Prevention

Exposed Private Environment

Prevention

No Public Bucket

Prevention

References