Secure Coding Principles

12 flashcards
Fix Security Bugs Promptly

Address security vulnerabilities or bugs as soon as they are discovered, before they can be exploited. Example: Track advisories for your dependencies, and regularly update and apply patches to software and libraries.


Minimize Attack Surface Area

Limit how much of your system is reachable by potential attackers: every exposed feature, endpoint, port or input is a place an attack can start. Example: Disabling or removing any unused features, services, endpoints and default accounts in an application.


Separation of Duties

Divide tasks and privileges among multiple people or systems to reduce the risk of fraud or error. Example: Requiring two administrators to approve sensitive actions.


Principle of Least Privilege

Give users and programs the minimum level of access, or permissions, needed to perform their tasks, and only for as long as they need it. Example: A worker only having access to the data necessary for their job.
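The two cards above (Separation of Duties and Principle of Least Privilege) are easiest to see together in code. The following is an added example, not part of the original flashcard set: a small allow-list permission model in which each role holds only the permissions its job needs, plus a dual-approval rule for sensitive actions that the requester cannot satisfy alone. The role names, actions and people are invented for illustration.

```python
"""Added example (not from the original flashcard set): a minimal
role-based permission check that grants only the permissions a role
needs (least privilege), plus a dual-approval rule for sensitive
actions (separation of duties). Role names and actions are made up."""
from dataclasses import dataclass, field

# Least privilege: each role lists only what that job requires.
# The analyst can read payroll data but never change or export it.
ROLE_PERMISSIONS = {
    "analyst": {"payroll:read"},
    "payroll_clerk": {"payroll:read", "payroll:update"},
    "admin": {"payroll:read", "payroll:update", "payroll:export", "approve"},
}

# Actions that a single person must not be able to complete alone.
DUAL_APPROVAL_REQUIRED = {"payroll:export"}


class AuthorizationError(Exception):
    pass


def is_allowed(role: str, action: str) -> bool:
    """Allow-list check: unknown roles and unknown actions are denied."""
    return action in ROLE_PERMISSIONS.get(role, set())


@dataclass
class SensitiveAction:
    action: str
    requested_by: str
    approvals: set = field(default_factory=set)


def approve(req: SensitiveAction, approver: str, approver_role: str) -> None:
    """Record an approval, enforcing separation of duties:
    - the approver must hold the 'approve' permission
    - the requester cannot approve their own request
    - each person counts only once (approvals is a set)
    """
    if not is_allowed(approver_role, "approve"):
        raise AuthorizationError(f"{approver} may not approve actions")
    if approver == req.requested_by:
        raise AuthorizationError("requester cannot approve their own request")
    req.approvals.add(approver)


def execute(req: SensitiveAction, actor_role: str) -> str:
    """Run the action only if the actor's role permits it and, for
    sensitive actions, two distinct approvers have signed off."""
    if not is_allowed(actor_role, req.action):
        raise AuthorizationError(f"role {actor_role} lacks {req.action}")
    if req.action in DUAL_APPROVAL_REQUIRED and len(req.approvals) < 2:
        raise AuthorizationError(
            f"{req.action} needs 2 approvals, has {len(req.approvals)}"
        )
    return f"executed {req.action} for {req.requested_by}"


if __name__ == "__main__":
    req = SensitiveAction("payroll:export", requested_by="alice")
    approve(req, "bob", "admin")
    approve(req, "carol", "admin")
    print(execute(req, "admin"))
```

Note that the checks default to denial: an unknown role has no permissions, and an action missing from the approval list is not silently allowed. That is what keeps the model least-privilege as new roles and actions are added.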


Defense in Depth

Employ multiple layers of security measures so that a failure or bypass of one layer is caught by another. Example: Combining network firewalls, intrusion detection systems, host hardening and data encryption.


Avoid Security by Obscurity

Do not rely on secrecy of the design or implementation to provide security (Kerckhoffs's principle). Instead, ensure the system remains secure even if every detail other than keys and credentials becomes public. Example: Open-source software remaining secure despite its code being publicly visible.


Keep Security Simple

Complex systems are harder to reason about, review and secure. Aim for simplicity to reduce the chance of errors. Example: A simple, clear-cut authentication flow with fewer steps and fewer special cases is less likely to contain vulnerabilities.


Input Validation

Ensure input to a system is valid before using it: validate on the server against an allow-list of what is expected (type, length, format, range) rather than trying to block known-bad values. Example: Checking that a user's input is a valid email format before accepting it.
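As an added example (not from the original flashcard set), here is the email check the card mentions, done the allow-list way, alongside a numeric-ID check that shows the same pattern on a different input type. The length limits are the usual RFC 5321 ones (64 characters for the local part, 254 overall); the function and exception names are invented for illustration.

```python
"""Added example (not part of the original flashcard set): server-side
input validation that accepts only inputs matching an explicit
allow-list and rejects everything else, including inputs that are
syntactically close but unsafe (header-injection newlines, over-long
values). The limits are the common RFC 5321 ones; names are made up."""
import re

# Deliberately conservative: a dot-atom local part, one '@', and a
# dotted hostname whose labels are alphanumeric with internal hyphens.
# Single-label hosts such as "localhost" are rejected on purpose.
_EMAIL_RE = re.compile(
    r"[A-Za-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[A-Za-z0-9!#$%&'*+/=?^_`{|}~-]+)*"
    r"@"
    r"(?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z]{2,63}"
)


class ValidationError(ValueError):
    pass


def validate_email(raw: str) -> str:
    """Return a normalised address or raise ValidationError.

    Checks run in order: type, length, then syntax. Length comes first
    so a huge string never reaches the regex engine.
    """
    if not isinstance(raw, str):
        raise ValidationError("email must be a string")
    value = raw.strip()
    if len(value) > 254:
        raise ValidationError("email too long")
    local, sep, domain = value.partition("@")
    if not sep or len(local) > 64:
        raise ValidationError("malformed email")
    # fullmatch, not search: nothing may precede or follow the address,
    # so "a@b.com\nBcc: x@y.com" is rejected rather than partially matched.
    if not _EMAIL_RE.fullmatch(value):
        raise ValidationError("malformed email")
    # Domains are case-insensitive; the local part is preserved as given.
    return f"{local}@{domain.lower()}"


def validate_id(raw: str, lo: int = 1, hi: int = 2**31 - 1) -> int:
    """Parse a numeric identifier from an untrusted string.

    Only decimal digits are accepted, and the value must fall within a
    fixed range. int() alone would accept ' 7 ', '1_000' and '-5',
    which an ORM query or a shell command may not expect.
    """
    if not isinstance(raw, str) or not re.fullmatch(r"[0-9]{1,10}", raw):
        raise ValidationError("id must be 1-10 decimal digits")
    value = int(raw)
    if not lo <= value <= hi:
        raise ValidationError("id out of range")
    return value


if __name__ == "__main__":
    print(validate_email("  Alice.Smith@Example.COM "))
    print(validate_id("42"))
    try:
        validate_email("a@b.com\nBcc: x@y.com")
    except ValidationError as e:
        print("rejected:", e)
```

The point of `fullmatch` over `search` or `match` is the header-injection case: a pattern that merely finds a valid address somewhere in the string would accept the newline and the second recipient along with it. Validation also does not replace output encoding; a syntactically valid address can still contain characters that matter in HTML or SQL.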


Fail Securely

Handle errors or exceptions so that failure leaves the system in a safe state: a security check that cannot complete must deny rather than allow, and error output must not reveal internals. Example: An application should close connections and log errors server-side without showing stack traces to the user.
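Both halves of the card, failing closed and not leaking details, in one added example that is not part of the original flashcard set. The ownership lookup, the request wrapper and the deliberately broken handler (with its fake connection string) are toy stand-ins constructed for illustration.

```python
"""Added example (not from the original flashcard set): two faces of
'fail securely'. First, a permission check that fails closed: any
error while deciding means deny. Second, a request wrapper that logs
the full traceback server-side under a reference ID and returns only
a generic message to the client. The handler and lookup are toys."""
import logging
import traceback
import uuid

log = logging.getLogger("app")


def user_may_delete(user_id: str, doc_owner_lookup) -> bool:
    """Fail closed: if the ownership lookup raises (database down,
    malformed record), the answer is 'no', never 'yes'."""
    try:
        return doc_owner_lookup() == user_id
    except Exception:
        log.exception("ownership lookup failed; denying")
        return False


def safe_handle(handler, *args) -> tuple:
    """Run a request handler; never let internal details reach the caller.

    Returns (status_code, response_body). On failure the body carries
    only a generic message and a reference ID that support staff can
    match against the server log.
    """
    try:
        return 200, handler(*args)
    except Exception as exc:
        ref = uuid.uuid4().hex[:12]
        # Full detail, including the traceback and exception text,
        # goes to the server log only, keyed by the reference.
        log.error("request failed ref=%s: %s\n%s", ref, exc, traceback.format_exc())
        return 500, {"error": "Internal error", "ref": ref}


def fragile_handler(path: str) -> dict:
    # Constructed bug: the exception message leaks a (fake) connection
    # string. Without safe_handle this text would reach the browser.
    raise RuntimeError(f"connect failed: postgres://svc:hunter2@db/prod ({path})")


if __name__ == "__main__":
    logging.basicConfig(level=logging.ERROR)
    print(safe_handle(fragile_handler, "/reports"))
    print(user_may_delete("u1", lambda: "u1"))
```

The reference ID is what makes the generic message workable in practice: the user can quote it to support, and the operator can find the full traceback, so nobody is tempted to switch stack traces back on in production to debug a report.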


Use Trusted Tools and Libraries

Incorporate well-known, actively maintained and widely reviewed tools and libraries rather than writing your own, and keep them updated, to avoid vulnerabilities that come from untrusted or home-grown implementations. Example: Using a reputable library like OpenSSL for cryptographic functions instead of implementing them yourself.


Establish Secure Defaults

Create systems that are secure out of the box, so that weakening security requires an explicit, deliberate change. Example: Passwords must meet complexity requirements upon account creation, and debug modes are off unless turned on.
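An added example, not from the original flashcard set, of what "secure by default" looks like in application settings: a configuration whose zero-config state is the safe one, where the dangerous overrides must be named explicitly, together with the new-password check the card mentions. The setting names, the thresholds and the tiny banned-password list are invented for illustration.

```python
"""Added example (not from the original flashcard set): application
settings whose defaults are the safe values, so a deployment that sets
nothing is secure and weakening requires an explicit, named override.
The password rule is the one the flashcard mentions (complexity
requirements at account creation). Setting names are invented."""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class SecuritySettings:
    require_tls: bool = True
    debug_mode: bool = False
    session_ttl_seconds: int = 900
    min_password_length: int = 12
    # Tiny stand-in for a breached-password list; use a real one in production.
    banned_passwords: frozenset = frozenset({"password", "123456", "qwerty", "letmein"})


# The weak value of each setting that must never be reached by accident.
DANGEROUS_OVERRIDES = {"require_tls": False, "debug_mode": True}


def load_settings(overrides: dict, allow_insecure: bool = False) -> SecuritySettings:
    """Apply config overrides to the secure defaults.

    Unknown keys are rejected (a typo must not silently leave a default
    in place while the operator believes it changed). An override that
    weakens a dangerous setting is refused unless the operator also
    passes allow_insecure=True, so weakening is always a visible act.
    """
    unknown = set(overrides) - set(SecuritySettings.__dataclass_fields__)
    if unknown:
        raise ValueError(f"unknown settings: {sorted(unknown)}")
    for key, weak_value in DANGEROUS_OVERRIDES.items():
        if key in overrides and overrides[key] == weak_value and not allow_insecure:
            raise ValueError(f"{key}={weak_value!r} requires allow_insecure=True")
    return replace(SecuritySettings(), **overrides)


def password_problems(pw: str, s: SecuritySettings) -> list:
    """Return the rules a new password violates (empty list = accepted)."""
    problems = []
    if len(pw) < s.min_password_length:
        problems.append(f"shorter than {s.min_password_length} characters")
    if pw.lower() in s.banned_passwords:
        problems.append("is a commonly used password")
    classes = [
        any(c.islower() for c in pw),
        any(c.isupper() for c in pw),
        any(c.isdigit() for c in pw),
        any(not c.isalnum() for c in pw),
    ]
    if sum(classes) < 3:
        problems.append("needs at least 3 of: lowercase, uppercase, digit, symbol")
    return problems


if __name__ == "__main__":
    settings = load_settings({})
    print(settings)
    print(password_problems("Password", settings))
    try:
        load_settings({"debug_mode": True})
    except ValueError as e:
        print("refused:", e)
```

The `allow_insecure` flag is the important design choice: it is not there to stop an operator who genuinely wants debug mode in a dev environment, but to make sure that state can never be reached by an unreviewed config line or a copy-pasted example.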


Output Encoding

Ensure any output from the system is encoded correctly for the context in which it is rendered (HTML body, HTML attribute, JavaScript, URL) so that untrusted data cannot be interpreted as code on the client side. Example: Encoding HTML entities in user-generated content to prevent cross-site scripting (XSS).
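The card's example covers the HTML-body case; the added example below (not part of the original flashcard set) takes one attacker-controlled string through four output contexts to show why the encoding has to match where the value lands. The sample comment and the template fragments are constructed for illustration.

```python
"""Added example (not from the original flashcard set): encoding the
same untrusted string for different output contexts. A single
'escape' is not enough: the correct encoding depends on where the
value lands (HTML text, HTML attribute, JavaScript string literal,
URL query parameter). Sample input and templates are constructed."""
import html
import json
from urllib.parse import quote

# Constructed attacker-controlled input, as it might arrive from a comment form.
USER_COMMENT = '<script>alert(1)</script>" onmouseover="alert(2)'


def render_html_text(value: str) -> str:
    # HTML body context: < > & " ' become entities, so the browser shows
    # the text instead of parsing a <script> tag.
    return f"<p>{html.escape(value)}</p>"


def render_html_attr(value: str) -> str:
    # Attribute context: quote=True (the default) also escapes quotes,
    # so the value cannot close the attribute and start a new one.
    return f'<input value="{html.escape(value, quote=True)}">'


def js_string_literal(value: str) -> str:
    # JavaScript context: json.dumps yields a valid JS string literal
    # (quotes, backslashes and non-ASCII escaped), but a literal "</script>"
    # inside it would still terminate the enclosing <script> block, so
    # '/' is escaped as well, which JSON permits.
    return json.dumps(value).replace("/", "\\/")


def render_js_string(value: str) -> str:
    return f"<script>var comment = {js_string_literal(value)};</script>"


def render_url_param(value: str) -> str:
    # URL context: percent-encode everything except unreserved characters.
    return f"/search?q={quote(value, safe='')}"


def render_unsafe(value: str) -> str:
    # The bug the principle prevents: raw interpolation into HTML.
    return f"<p>{value}</p>"


if __name__ == "__main__":
    for fn in (render_unsafe, render_html_text, render_html_attr,
               render_js_string, render_url_param):
        print(f"{fn.__name__:18s} {fn(USER_COMMENT)}")
```

Encoding is applied at the output boundary, not when the value is stored: the same comment may later be rendered into an HTML page, a JSON API response and an email, and each of those needs a different transformation of the original text.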


© Hypatia.Tech. 2024 All rights reserved.