Guidelines

  • Key Management Find out which algorithms are recommended, when to expire keys, etc.
  • Kubernetes A high level guide of basic security needs for Kubernetes
  • OpenSSH How to configure and use OpenSSH server and client securely
  • Phishing A fraudulent practice of sending emails (or other communications) purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
  • Web Security What headers, setup, etc. should you follow for your web site?

Risk assessment

IAM

  • OpenID Connect How to use OpenID Connect securely and make user’s session experience better
  • SAML How to use SAML securely and make user’s session experience better