New IA: Security Best Practices

[sharadregoti]

User description

For internal users - Please add a Jira DX PR ticket to the subject!

---

Preview Link

https://deploy-preview-5701--tyk-docs.netlify.app/docs/nightly/api-management/security-best-practices/

Description

Screenshots (if appropriate)

Checklist

• I have added a preview link to the PR description.
• I have reviewed the suggestions made by our AI (PR Agent) and updated them accordingly (spelling errors, rephrasing, etc.)
• I have reviewed the guidelines for contributing to this repository.
• I have read the technical guidelines for contributing to this repository.
• Make sure you have started your change off our latest master.
• I labeled the PR

---

PR Type

Documentation

---

Description

• Added a new comprehensive guide on API security best practices, covering topics such as authentication, authorization, resource consumption, and governance.
• Detailed how Tyk addresses OWASP Top Ten threats, including broken authentication and authorization issues.
• Provided practical examples and diagrams for securing REST and GraphQL APIs.
• Updated the menu structure to include a new entry for "Security Best Practices" and removed the outdated "APIM Best Practice" section.

---

Changes walkthrough 📝

	Relevant files
Documentation	security-best-practices.md Add comprehensive guide on API security best practices      tyk-docs/content/api-management/security-best-practices.md Added a comprehensive guide on API security best practices. Included sections on authentication, authorization, resource consumption, and governance. Detailed OWASP Top Ten threats and Tyk's mitigation strategies. Provided examples and diagrams for REST and GraphQL API security. +380/-0
Configuration changes	menu.yaml Update menu structure for security best practices                tyk-docs/data/menu.yaml Added a new menu entry for "Security Best Practices". Removed the "APIM Best Practice" section and its subcategories. +4/-62

---

💡 PR-Agent usage: Comment /help "your question" on any pull request to receive relevant information

[github-actions]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 4 🔵🔵🔵🔵⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ Recommended focus areas for review Content Duplication The new document seems to consolidate various topics from deleted files into a single comprehensive guide. Ensure that no critical information is lost in this transition, and that the new document maintains all necessary details previously covered. External Links The document contains numerous external links. Verify all links to ensure they are correct, accessible, and lead to the expected content. Broken links can significantly degrade user trust and document credibility. Security Details The document extensively discusses various security practices and configurations. It's crucial to ensure that all configurations and security practices mentioned are up-to-date and follow the latest security standards and best practices.

[github-actions]

PR Code Suggestions ✨

No code suggestions found for the PR.

[netlify]

✅ PS. Pls add /docs/nightly to the end of url

Name	Link
🔨 Latest commit	e7bf820
🔍 Latest deploy log	https://app.netlify.com/sites/tyk-docs/deploys/6740529e3bf908000864b943
😎 Deploy Preview	https://deploy-preview-5701--tyk-docs.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.