- SAS Cloud Security Framework Audit Methods: https://www.sans.org/reading-room/whitepapers/cloud/cloud-security-framework-audit-methods-36922
- Securing Web Application Technologies Checklist: https://software-security.sans.org/resources/swat
- Application Server Security Requirements Guide: https://www.stigviewer.com/stig/application_server_security_requirements_guide/2018-01-08/
- Mozilla Checklist for Releases: https://wiki.mozilla.org/Releases/Checklist
- SANS Security Policies: https://www.sans.org/security-resources/policies/#template
- CWE/SANS Top 25 Most Dangerous Software Errors: http://cwe.mitre.org/top25/
Further reading
Get Hands-On Security in DevOps now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.