1. SANS (2022) Securing Web Application Technologies [SWAT] Checklist. https://www.sans.org/cloud-security/securing-web-application-technologies

2. OWASP (2021) OWASP Secure Headers Project. https://owasp.org/www-project-secure-headers

3. An Innovative Soft Design Science Methodology for Improving Development of a Secure Information System in Tanzania Using Multi-Layered Approach

4. Mshangi, M., Sanga, C. and Ngemera Nfuka, E. (2016) Designing Secure Web and Mobile-Based Information System for Dissemination of Students’ Examination Results: The Suitability of Soft Design Science Methodology. International Journal of Computing and ICT Research, 10, 10-40. https://www.researchgate.net/publication/313469379

5. CISA (2022) Weak Security Controls and Practices Routinely Exploited for Initial Access. https://www.cisa.gov/uscert/ncas/current-activity/2022/05/17/weak-security-controls-and-practices-routinely-exploited-initial