I found a really good, comprehensive blog post about a startup/saas security basics a few days ago. I wonder if anyone has a link to it. If so can you please share it with me here?
The blog post contains basic, bare minimums security stuff for your business including. Two things I remember from that blog post was that 1.) You should have at least email 2FA 2.) Logging for admin stuff.
* https://mvsp.dev/mvsp.en/index.html * https://www.goldfiglabs.com/guide/saas-cto-security-checklis... * https://latacora.micro.blog/2020/03/12/the-soc-starting.html