Regarding application security, we will explore:
- Securing the data between the endpoints while it is being transported to prevent a man-in-the-middle attack.
- Encrypting and storing the data at rest.
- Encrypting all the critical data, including passwords and keys used by the application. We have already covered this previously in the Using the AWS Key Management Service section.