We recently released a github repo for startup security tips (HN discussion: https://news.ycombinator.com/item?id=13814991).<p>It quickly became the 1st trending github repo for the day.<p>I am currently struggling with mentioning specific security vendors. There is a tradeoff between giving practical advice mentioning specific vendors and features, and being fair with all security vendors. Here are a few thoughts, I am not happy with any of them.<p>* Add a page per vendor. This is a place where we can add the top 10 tips for each vendor.
* Add a page per use-case (for example 2FA providers). The problem here is that you would need to sort the vendors, those being on top benefiting more. It could also become a wikipedia-like editing battleground that I would like to avoid. We could have a poll, and I'll sort the list based on the poll, but that would require some vetting, and confidentiality as startups are reluctant to expose their security stack publicly. Confidentiality in turn might bring up trust issues as things are not being done out in the open.
* Referring to external sites that measure up different vendors. This bring the question, which site ? I would like to be biased towards the selection of vendors that startups can use, and not just enterprise customers use.