
How do you keep your projects and networks secure? - randomnumber314
Hackers either know more than me, or have more time than me. This will always be the case, so I&#x27;m curious about what tools or resources people use to test their stuff, either automatically or manually.
======
twunde
At the application level make sure you're secured against the most common
security problems like xss, sql injections, csrf and that you're using the
recommended hashing/encryption library for your language. For testing, you can
use any number of scanning services like skipfish, do manual testing using
BURP suite or automate security tests with Gauntlet. More importantly is to
follow basic server security. If you're running your server yourself, run done
basic hardening scripts and then make sure to apply security updates when
available. Honestly, this is where PAAS shines since they will do the server
hardening for you.

------
tedmiston
Running on a PaaS always helps.

This is letter known but AWS has a pen testing service.

[https://aws.amazon.com/security/penetration-
testing/](https://aws.amazon.com/security/penetration-testing/)

