Exploration should include
- boot integrity
- boot security and/or Unified Extensible Firmware Interface (UEFI)
- measured boot
- boot attestation
- application security
- input validations
- secure cookies
- HTTP headers
- code signing
- whitelisting
- blocklisting
- static code analysis
- manual code review
- dynamic code analysis
- fuzzing
- self-encrypting drive (SED) and/or full-disk encryption (FDE)
- trusted platform module (TPM)
- sandboxing.