Skip to content

Latest commit

 

History

History
 
 

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 
 
 

README.md

Security

Steering documents that help enforce security best practices, vulnerability prevention, and secure coding patterns.

Overview

Security steering documents guide Kiro to write code that follows security best practices and helps prevent common vulnerabilities. These documents focus on practical security patterns that can be applied during code generation.

Available Documents

Document Description Languages Tags
Coming soon Input validation and sanitization Multiple security, validation
Coming soon Authentication and authorization patterns Multiple security, auth
Coming soon Secure API development Multiple security, api
Coming soon Dependency security scanning Multiple security, dependencies

Usage Guidance

Getting Started

Security steering documents will help you:

  • Implement secure coding practices from the start

  • Prevent common vulnerabilities (SQL injection, XSS, etc.)

  • Follow authentication and authorization best practices

  • Handle sensitive data securely

Installation Example

# Copy a security steering document to your project
cp categories/security/input-validation.md .kiro/steering/

Best Practices

  • Apply security steering documents early in development

  • Combine multiple security documents for comprehensive coverage

  • Review generated code for security implications

  • Keep security steering documents updated with latest threats

Security Considerations

  • Security steering documents provide guidance but don't replace security audits

  • Always review security-critical code manually

  • Use additional security tools for vulnerability scanning

  • Follow your organization's security policies

Related Categories

Contributing

Security contributions are especially valuable to the community. If you have security steering documents to share, please see our contribution guidelines. All security-related contributions undergo additional review.