Secure By Design Libraries

Node.js

  • Helmet for Secure Headers

  • Joi for Input Validation

  • Winston for Structured Logging

  • ssrf-req-filter for SSRF Validation

  • Casbin for Object/Function Level Authorization

Python

  • Pydantic for Input Validation

  • PyNaCl for Cryptography

  • Flask-Talisman for Security Headers

  • Advocate for SSRF Prevention

  • Casbin for Object/Function Level Authorization

  • Loguru for Structured Logging

Golang

  • Govalidator for Input Validation

  • Ozzo-Validator for Input Validation

  • Casbin for Object and Function Level Authorization

  • Go-JWT-Middleware for JWT Handling

  • Slog for Structured Logging

  • crypto/nacl for Cryptography

Java Spring

  • Spring Security for Multiple Security Controls

  • Casbin for Object/Functional Access Control

  • SpEL (Spring Expression Language) for Security Expressions

  • Log4j2 for Structured Logging

  • Look-Ahead Streams for Preventing Insecure Deserialization

  • OWASP Java Encoder for Cross-Site Scripting

  • Jasypt for Cryptography

Laravel (PHP)

  • Laravel Security for Core Security Measures

  • Spatie Laravel Permissions for Roles and Permissions

  • Laravel Sanctum for Authentication in Laravel SPAs

  • Laravel Validation for Input Validation

  • LibSodium for Cryptography

  • Laravel Logging for Log Streaming and Structured Logging

Ruby on Rails

  • Active Record Validations for Input Validation

  • Pundit for Permissions and Access Control

  • Secure Headers for HTTP Security Headers

  • Rack::Attack for Blocking Abusive Requests

  • Devise for Flexible Authentication

  • Lograge for Structured Logging
