
Prerequisites

This guide assumes a general understanding of web application security.

Web application security is:

Web applications are commonly the primary interface by which end users access information. Few are entirely self-contained; most are distinct components of broader, integrated information systems.

Such integrated components comprise a trust chain. Longer trust chains require greater effort to secure. However, the trust boundaries which exist between components can help improve security by providing defense-in-depth – hardening each component can limit the scope and likelihood of any attack.

Each section in this guide introduces a common security requirement for, or security functionality of, HCL Digital Experience. Each section includes a Recommended actions and considerations section to guide you through evaluating and improving the security footing of your application.

Following this guide could require a months-long or open-ended project involving multiple teams. The result should be an application-specific security hardening procedure that spans development, deployment, and maintenance. Regularly review this Security Hardening Guide for HCL Digital Experience for updates.

Independently research web application security to identify other resources to inform your evaluation. Especially consider: