From bc064511d711ae045a851d4136b302beb9e56365 Mon Sep 17 00:00:00 2001
From: trimstray <trimstray@gmail.com>
Date: Mon, 27 May 2019 12:26:57 +0200
Subject: [PATCH] add 'APISecurityBestPractices' - signed-off-by: trimstray
 <trimstray@gmail.com>

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index fd54cbe..0eaaad6 100644
--- a/README.md
+++ b/README.md
@@ -736,6 +736,7 @@ performance of any of your sites from across the globe.<br>
 &nbsp;&nbsp;:small_orange_diamond: <a href="https://portswigger.net/blog/practical-web-cache-poisoning"><b>Practical Web Cache Poisoning</b></a> - show you how to compromise websites by using esoteric web features.<br>
 &nbsp;&nbsp;:small_orange_diamond: <a href="https://medium.com/@_bl4de/hidden-directories-and-files-as-a-source-of-sensitive-information-about-web-application-84e5c534e5ad"><b>Hidden directories and files</b></a> - as a source of sensitive information about web application.<br>
 &nbsp;&nbsp;:small_orange_diamond: <a href="https://www.netsparker.com/security-cookies-whitepaper/"><b>Security Cookies</b></a> - this paper will take a close look at cookie security.<br>
+&nbsp;&nbsp;:small_orange_diamond: <a href="https://github.com/GitGuardian/APISecurityBestPractices"><b>APISecurityBestPractices</b></a> - resources to help you keep secrets (API keys, database credentials, certificates) out of source code.<br>
 </p>
 
 ##### :black_small_square: All-in-one