# Product Security Engineering

- [DevSecOps](/notes/notes/product-security-engineering/devsecops.md)
- [Docker](/notes/notes/product-security-engineering/devsecops/docker.md)
- [How to Dockerize Applications with Docker Compose (Using SQLite and Flask)](/notes/notes/product-security-engineering/devsecops/docker/how-to-dockerize-applications-with-docker-compose-using-sqlite-and-flask.md)
- [SAST/SCA](/notes/notes/product-security-engineering/sast-sca.md)
- [How to setup a GitHub Action for Code Security analysis](/notes/notes/product-security-engineering/sast-sca/how-to-setup-a-github-action-for-code-security-analysis.md)
- [JavaScript Security Analysis](/notes/notes/product-security-engineering/sast-sca/javascript-security-analysis.md)
- [Java Security 101](/notes/notes/product-security-engineering/sast-sca/java-security-101.md)
- [Tools](/notes/notes/product-security-engineering/sast-sca/static-code-analysis.md)
- [CodeQL for Beginners](/notes/notes/product-security-engineering/sast-sca/codeql-for-beginners.md)
- [Product Security Hardening](/notes/notes/product-security-engineering/product-security-hardening.md)
- [Threat Modeling](/notes/notes/product-security-engineering/threat-modeling.md): Threat modeling with STRIDE, DREAD and PASTA
- [PHP Security](/notes/notes/product-security-engineering/php-security.md)
- [Product Security Governance](/notes/notes/product-security-engineering/product-security-governance.md)
- [Controversial Subjects](/notes/notes/product-security-engineering/product-security-governance/controversial-subjects.md)
- [Redis License Compliance in 2025](/notes/notes/product-security-engineering/product-security-governance/controversial-subjects/redis-license-compliance-in-2025.md)