This is a basic checklist that all SaaS CTOs (and anyone else responsible for security in their organization) can use to harden their security. Security shouldn’t feel like a chore.
Implement the rules adapted to your company size to improve your security. This list is not exhaustive, since the security you need depends on your specific assets and business, but it can provide a great foundation.
The security world evolves quickly. Since 2016, there have been new advancements and security issues that merit consideration. In the second edition, we’ve updated and expanded upon the original checklist to reflect the latest best practices for CTOs and security owners in SaaS startups and mid-market companies.