The DevOps Security Checklist

Security is increasingly becoming the responsibility of DevOps teams. Movements like DevSecOps are contributing to this change.
This security checklist aims to give DevOps professionals a list of security best practices they can follow according to their company stage.
DevOps teams make security decisions several times, everyday! Security is a moving target. The applicable recommendations for a Series B company will not be relevant for an early stage company.
Select your company stage and use these rules to improve your security.

This list is far from being exhaustive. Feel free to contribute directly on GitHub!


  • Early stage/series A
  • Series B
  • Post-Series B






A project by:
Protect Your Applications. Frustrate attackers.
With its unique in-app technology, Sqreen revolutionizes the way DevOps teams protect apps from intrusions & data loss! Visit our Twitter @SqreenIO