[TOC]
↗ Network Security /Application Layer Security
↗ Trust-worthy AI & LLM Safety and Security
🚧 https://github.com/paragonie/awesome-appsec A curated list of resources for learning about application security. Contains books, websites, blog posts, and self-assessment quizzes.
- Maintained by Paragon Initiative Enterprises with contributions from the application security and developer communities. We also have other community projects which might be useful for tomorrow's application security experts.
- If you are an absolute beginner to the topic of software security, you may benefit from reading A Gentle Introduction to Application Security.
https://paragonie.com/projects
Curated Application Security Reading List A curated list of resources for learning about application security maintained by our team based on the recommendations of the security community.
Anti-CSRF Full-Featured Library to prevent Cross-Site Request Forgery vulnerabilities.
Certainty Automated CACert.pem management for PHP projects, to promote a more secure Internet.
Chronicle Self-hostable microservice, built with Slim Framework, that provides a sapient API which enables authorized users to commit arbitrary data to an immutable, append-only public ledger.
CipherSweet Searchable field-level encryption library.
Constant-Time Encoding RFC 4648 compatible character encoding that doesn't ever use table look-ups indexed by secret data.
🫂 https://owasp.org/supporters/ The Open Worldwide Application Security Project (OWASP) is a nonprofit foundation that works to improve software security. Our programming includes:
- Community-led open-source software Projects
- Hundreds of local Chapters worldwide
- Tens of thousands of participants, thousands of financial members
- Industry-leading educational and training conferences
Application security describes security measures at the application level that aim to prevent data or code within the app from being stolen or hijacked. It encompasses the security considerations that happen during application development and design, but it also involves systems and approaches to protect apps after they get deployed. Application security may include hardware, software, and procedures that identify or minimize security vulnerabilities. A router that prevents anyone from viewing a computer's IP address from the Internet is a form of hardware application security. But security measures at the application level are also typically built into the software, such as an application firewall that strictly defines what activities are allowed and prohibited. Procedures can entail things like an application security routine that includes protocols such as regular testing.