Security

Todo

  • OWASP

  • Security Requirements by banking providers?

  • Audits needed? Ex: Unit. Ensure security policies, XSS prevention, disable iframe embedding

  • Referrer policy

  • IP Blocking - some regulations require US only, checking for VPN, fraud detection

  • Fraud Handling - closing accounts, suspending accounts, refunds, freezing assets

  • Dependency auditing - Snyk. Have external security audit

  • Make sure you are following regulations and compartmentalization for Prod data, even logging. HTTPS, HTTP redirect
