Security

This section could use some updates. Consider contributing!

Security is a broad topic. Unless you have considerable experience, a security background, or are applying for a position that requires knowledge of security, you probably won't need to know more than the basics:

• Encrypt in transit and at rest.
• Sanitize all user inputs or any input parameters exposed to user to prevent XSS and SQL injection.
• Use parameterized queries to prevent SQL injection.
• Use the principle of least privilege.

Source(s) and further reading

• API security checklist
• Security guide for developers
• OWASP top ten