Crafting Knowledge
Back to Recipes

Security Pass Recipe

security

Creates a playbook

These cards cover the security fundamentals: validating inputs, verifying identity (auth), controlling access (authz), and protecting data (encryption).

Required Cards (4)

Input Validation

Input Validation

intro

Input validation ensures all user-provided data meets expected formats and constraints before processing.

securityreliabilityquality
Authentication

Authentication

intro

Authentication verifies that users are who they claim to be, typically through passwords, tokens, or multi-factor methods.

securityidentity
Authorization

Authorization

intro

Authorization determines what actions an authenticated user is permitted to perform within a system.

securityidentityaccess-control
Encryption

Encryption

intermediate

Encryption transforms data into an unreadable format that can only be decoded with the correct key.

securitydata-protection

Output: Security Pass

When to use

You need to review a feature or system for security vulnerabilities.

Steps

1

Validate All Inputs

Ensure all user inputs are validated and sanitized.

2

Check Authentication

Verify that users are properly authenticated.

3

Verify Authorization

Ensure users can only access permitted resources.

4

Protect Data

Encrypt sensitive data at rest and in transit.

Anti-Patterns to Avoid

  • Trusting client-side validation only
  • Storing passwords in plain text

Try crafting this recipe on the crafting board

Open Crafting Board