Compliance standards help organizations maintain a baseline-level of information security.

  • Refer to ISC2-CCSP covered security standards
  • SOC 2 compliance: standard for managing customer data
  • ISO/IEC 27001: international standard for information security
  • CCPA compliance: California Consumer Privacy Act
  • GDPR compliance (can serve as a helpful reference even if your app doesn’t serve European customers)
  • Refer to AWS security products
  • OWASP Web Security Testing Guide (WSTG)