Security Wiki Updates

Check out this page for latest updates to the Developer Security documentation. 

[09/12/2018] - Updated Lightning Security page for CSP and unsafe-eval
[09/05/2018] - Modified requirements checklist to add Visualforce CSRF protection
[03/22/2018] - Modified Secure Single Sign On page to reflect changes in partner apps, per the Partner Alert (Partner Community login required).
[01/25/2018] - Modified Lightning CSS guidance on requirements checklist
[01/12/2018] - Adding managed packaged restriction to requirements checklist
[01/08/2018] - Requirements checklist minor edits
[06/12/2017] - New guidance page added for CRUD/FLS Enforcement for Reference Objects
[06/12/2017] - New Source Scanner Portal page at Source Scanner Portal
[06/01/2017] - Unminified JS code requirement updated for Custom Javascript and HTML in the Requirements Checklist
[03/15/2017] - Third party framework blog post added to Lightning Security
[02/10/2017] - FAQ item added for approved web application scanner reports on Security Review FAQ
[01/09/2017] - Details about updated test environment requirements added to Requirements Checklist and Test Info page
[12/09/2016] - New composite app security guidance for Marketing Cloud apps added to MC Secure Coding Guide
[12/09/2016] - "Sensitive info in URL" guidance added to Secure Coding Storing Secrets
[12/09/2016] - New content links from Security Design Resources including Security Trailhead content
[12/09/2016] - Updated content on Secure Coding guide for SOQL injection
[12/08/2016] - New Secure Coding Guide for WebSockets added to Secure Coding Guideline
[12/08/2016] - New Secure Coding Guide for PostMessage added to Secure Coding Guideline
[12/08/2016] - New Secure Coding Guide for Apex Sharing added to Secure Coding Access Control
[12/07/2016] - TLS 1.0 disablement timeline added to Requirements Checklist
[12/07/2016] - Lightning Security Requirements updates on Requirements Checklist