

Web Application Security Checklist


We have a blog post that goes into more detail about each item on the checklist. Check it here.


We want to help developers make their web applications more secure. This checklist is meant as a mental exercise to ensure that essential controls are not forgotten.

Items on this list are frequently missed and were chosen based on their relevance to the overall security of the application. It's a starting point.

The checklist

General security

I have a login feature and cannot use an already existing service:

version 1.1