---
title: Security
description: These topics are written for administrators that are comfortable securing web applications. Although the topics lay out a comprehensive list of actions to take, security is a very broad subject, and every environment is different; readers are expected to do their own research and complement the information found in these topics.
component: pingam
version: 8.1
page_id: pingam:security:preface
canonical_url: https://docs.pingidentity.com/pingam/8.1/security/preface.html
keywords: ["Security", "Features"]
page_aliases: ["index.adoc", "security-guide:preface.adoc"]
---

# Security

These topics are written for administrators that are comfortable securing web applications. Although the topics lay out a comprehensive list of actions to take, security is a very broad subject, and every environment is different; readers are expected to do their own research and complement the information found in these topics.

These topics do not provide guidance on securing specific AM features, such as OAuth 2.0 or SAML 2.0. You will find this information in the topics dedicated to those features.

When you deploy AM, you must ensure that your environment is built and configured with security in mind. This includes:

* The network infrastructure.

* The operating system.

* The container where AM runs.

* The Java installation and the cryptography settings.

* The clients and applications that will connect to AM.

* The CTS store, identity stores, and any other application stores.

* AM's own configuration.

[icon: cloud, set=fad, size=3x]

#### [Network](securing-communications.html)

Tips for securing your network infrastructure.

[icon: key, set=fad, size=3x]

#### [Certificates and keys](secrets-certs-keys.html)

AM cryptographic keys, keystores, and secret stores.

[icon: cogs, set=fad, size=3x]

#### [Protect the session cookie from hijacking](securing-cookies.html)

How to protect the session cookie from malicious users.