# AppSec - [10 ‘must’ controls](/blog/appsec/10-must-controls-for-modern-appsec.md): 10 ‘must’ controls for modern AppSec - [OWASP Top 10](/blog/appsec/owasp-top-ten-security-risks.md): Understanding and Mitigating Common Vulnerabilities - [MITRE ATT\&CK Framework](/blog/appsec/mitre-att-and-ck-framework.md) - [SQL Injection](/blog/appsec/sql-injection-techniques-and-mitigations.md): Techniques and Mitigations - [DevSecOps](/blog/appsec/devsecops-integrating-security-into-the-devops-lifecycle.md): Integrating Security into the DevOps Lifecycle - [Insider Threats in Application Security](/blog/appsec/mitigating-insider-threats-in-application-security.md): Mitigating Insider Threats in Application Security - [Secure API Development](/blog/appsec/secure-api-development-best-practices-and-guidelines.md): Best Practices and Guidelines - [RBAC in Applications](/blog/appsec/implementing-role-based-access-control-rbac-in-applications.md): Implementing Role-Based Access Control (RBAC) in Applications - [Security in CI/CD Pipelines](/blog/appsec/security-in-ci-cd-pipelines.md): Implementing Security in CI/CD Pipelines - [Audits in DevSecOps](/blog/appsec/audits-in-devsecops.md): Automating Security Audits in DevSecOps - [Security Policies](/blog/appsec/security-policies.md): Security Policies in Application Security - [S SDLC](/blog/appsec/s-sdlc.md): Secure Software Development Lifecycle (SDLC) - [Multi-Factor Authentication (MFA)](/blog/appsec/multi-factor-authentication-mfa.md): Understanding Multi-Factor Authentication (MFA): Enhancing Security in Application Access - [API Gateway Security](/blog/appsec/api-gateway-security.md): Implementing API Gateway Security Best Practices - [RESTful APIs](/blog/appsec/restful-apis.md): Securing RESTful APIs: Best Practices and Techniques - [Microservices](/blog/appsec/microservices.md): Securing Microservices Architecture - [Secure API Development](/blog/appsec/secure-api-development-1.md): Best Practices and Guidelines - [API Security Best Practices](/blog/appsec/api-security-best-practices.md)