Web Application Security Checklist (2021)

This page summarizes the projects mentioned and recommended in the original post on dev.to.

  • Twig

    Twig, the flexible, fast, and secure template language for PHP

  • DOMPurify

    DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks.

  • Gson

    A Java serialization/deserialization library to convert Java Objects into JSON and back

  • Use a well-known software component for the job and keep it rigorously up to date. Vulnerabilities are discovered in many deserialization libraries all the time. Gson is not a bad choice.

  • selinux-coloring-book (SELinux Coloring Book)

    A coloring book to help folks understand how SELinux works.

  • trivy

    Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

  • Vault (HashiCorp Vault)

    A tool for secrets management, encryption as a service, and privileged access management

  • Thymeleaf

    Thymeleaf is a modern server-side Java template engine for both web and standalone environments.

  • Keycloak

    Open Source Identity and Access Management For Modern Applications and Services

  • SpotBugs

    SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

  • Falco

    Cloud Native Runtime Security

NOTE: The number of mentions for each project counts mentions in common posts plus user-suggested alternatives, so a higher number means a more popular project.
