-
Perform regular security assessments of your application and fix all security issues.
-
Ensure rate limiting of sensitive and highly used front end pages to prevent volumetric attacks.
-
Ensure all user input is validated and output is properly encoded based on context.
-
Ensure servers don’t disclose information technology used or version information.
-
Errors, stack traces, and debug information must not be displayed to the user on the web page.
-
Ensure no sensitive information is logged into Application and System logs.