- Use latest LTS stable versions
- Use minimum run-time code, minimize the amount of software installed on the system.
- If you don't intend to use a piece of software, then don't install it.
- If you don't intend to use a service, stop that service and uninstall it.
- If you no longer need a piece of software, uninstall it.
- If possible, run each network service on a separate system to minimize the risk of one compromised service being used to compromise another service.
- Delete all compilers once finished building the images
- Use git-secrets for id management
General
Content
Integrations