- Use static analysers - Use Vault to store credentials and rotate keys - Look into Atlantic for keeping modules up to date - Setup CI/CD to - Validate syntax - Run tests - Sign code