How to Harden

Open-source SaaS security hardening guides for supply chain defense. Protect your organization from third-party breaches.

51 Hardening Guides | 5 Risk Tiers | 250+ Security Controls

Hardening Guides

Okta

Tier 1

Identity Provider hardening for SSO, MFA policies, and API token security.

Identity

Snowflake

Tier 1

Data warehouse security including network policies, MFA enforcement, and access controls.

Data Platform

ServiceNow

Tier 1

Enterprise IT platform security for workflows, integrations, and access control lists.

Enterprise IT

CyberArk

Tier 1

Privileged access management hardening for vaults, PSM, and credential rotation.

PAM

Secrets management security including auth methods, policies, and audit logging.

Secrets

BeyondTrust

Tier 1

Remote access security for PRA, session monitoring, and credential injection.

PAM

EDR platform hardening for API security, update policies, and RTR access.

Security

Ping Identity

Tier 1

Identity federation security for PingFederate, PingOne, and OAuth configurations.

Identity

GitLab

Tier 2

DevOps platform security for CI/CD pipelines, repository access, and runners.

DevOps

CircleCI

Tier 2

CI/CD pipeline security including contexts, secrets, and runner hardening.

CI/CD

Azure DevOps

Tier 2

Microsoft DevOps security for pipelines, service connections, and artifact feeds.

DevOps

Jira/Confluence security for organization policies, app controls, and data residency.

Collaboration

Workday

Tier 2

HCM platform hardening for security groups, integration security, and domain policies.

HR/Finance

HubSpot

Tier 2

CRM security for private apps, OAuth scopes, and data export controls.

CRM

Salesforce

Tier 2

CRM platform security for MFA enforcement, Connected Apps, and Shield Event Monitoring.

CRM

Zoom

Tier 2

Video conferencing security for meeting policies, recording controls, and app marketplace.

Collaboration

NetSuite

Tier 2

ERP security for role-based access, SuiteScript controls, and integration hardening.

ERP

Wiz

Tier 2

Cloud security platform hardening for connector security and RBAC controls.

Security

Datadog

Tier 2

Observability platform security for API keys, log pipelines, and sensitive data.

Observability

Databricks

Tier 2

Data platform security for workspace access, Unity Catalog, and secrets management.

Data Platform

JFrog

Tier 2

Artifact management security for repository permissions, Xray policies, and access tokens.

DevOps

ADP

Tier 3

Payroll platform security for API connections, SSO, and data access controls.

HR/Payroll

Docker Hub

Tier 3

Container registry security for access tokens, image signing, and repository controls.

Container

Dropbox

Tier 3

Cloud storage security for sharing policies, linked apps, and admin controls.

Storage

SailPoint

Tier 3

Identity governance security for certification campaigns, source configs, and API access.

IGA

Splunk

Tier 3

SIEM platform hardening for role-based access, HEC tokens, and search controls.

SIEM

Box

Tier 3

Enterprise content security for sharing policies, app controls, and classification.

Storage

IaC platform security for workspace variables, team access, and run triggers.

IaC

HCM security for permission groups, integration center, and data protection.

HR

Enterprise HR security for security profiles, HDL controls, and IDCS integration.

HR

Adobe Marketo

Tier 3

Marketing automation security for API users, LaunchPoint services, and lead database.

Marketing

Zendesk

Tier 4

Support platform security for API tokens, app marketplace, and ticket redaction.

Support

PagerDuty

Tier 4

Incident management security for API keys, event rules, and integration hardening.

Incident

Tableau

Tier 4

BI platform security for site roles, data source credentials, and embed controls.

Analytics

Mailchimp

Tier 4

Email marketing security for API keys, audience protection, and domain authentication.

Marketing

Notion

Tier 4

Workspace security for sharing defaults, connection controls, and audit logging.

Productivity

Miro

Tier 4

Visual collaboration security for board sharing, app controls, and export restrictions.

Collaboration

LaunchDarkly

Tier 4

Feature flag security for SDK keys, environment access, and approval workflows.

DevOps

Asana

Tier 4

Project management security for guest access, app controls, and division settings.

Productivity

Monday.com

Tier 4

Work OS security for board sharing, app restrictions, and API token controls.

Productivity

Klaviyo

Tier 4

E-commerce marketing security for API keys, profile protection, and export controls.

Marketing

New Relic

Tier 5

Observability security for API keys, license keys, and log obfuscation.

Observability

Power BI

Tier 5

Microsoft BI security for tenant settings, gateway credentials, and embed controls.

Analytics

Looker

Tier 5

Google BI security for model access, embed secrets, and database connections.

Analytics

BambooHR

Tier 5

HR platform security for API keys, access levels, and sensitive field protection.

HR

Freshservice

Tier 5

ITSM security for API tokens, CMDB access, and change management controls.

ITSM

Snyk

Tier 5

AppSec platform security for service accounts, SCM integrations, and Broker configs.

Security

Vercel

Tier 5

Deployment platform security for access tokens, environment variables, and Git integration.

Hosting

Rippling

Tier 5

Workforce platform security for app provisioning, device management, and SCIM controls.

HR/IT

Gusto

Tier 5

Payroll security for admin controls, partner integrations, and bank account protection.

Payroll

Smartsheet

Tier 5

Work management security for sharing defaults, connector controls, and activity logging.

Productivity