Hi all,
Just starting out with Bitnami (seems like a kinda good idea) & want to cover some bases re security.
I don't consider myself to be a security pro/pentester, but am cognisant of security-issues.
Has anyone or any process been set up to take steps to address the OWASP top-10 & other common-sense approached such as the DSD-35, across all stacks?
- https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
- http://www.dsd.gov.au/infosec/top-mitigations/top35mitigationstrategies-list.htm
I make use of VM's for testing & deployment, and to compartmentalise & mitigate risks, so if security has been taken seriously (from the beginning & not as an after-thought) in the creation of these stacks, it'll be a massive load off my shoulders & gives me a degree of confidence in it's implementation.
Please advise