From 8cfa20cd721b66a80efcfbd788204e877297347d Mon Sep 17 00:00:00 2001 From: helen-laktionova Date: Tue, 11 Jul 2023 17:30:42 +0200 Subject: [PATCH 1/2] Update security-guidelines.md Add "secrets" topic --- docs/scos/dev/guidelines/security-guidelines.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docs/scos/dev/guidelines/security-guidelines.md b/docs/scos/dev/guidelines/security-guidelines.md index 52baf6ad95e..693d0aa58f8 100644 --- a/docs/scos/dev/guidelines/security-guidelines.md +++ b/docs/scos/dev/guidelines/security-guidelines.md @@ -31,6 +31,10 @@ This document describes the data security guidelines you need to implement on th The most important about password security is to not save it in plain text. Therefore, Spryker uses BCrypt based on Blowfish to hash passwords and add a random salt to each hash, preventing rainbow table attacks. To prevent dictionary and brute force attacks, you can force users to use special characters by adding validation rules to needed forms. For even higher security, use 2-factor authentication and CAPTCHA. +## Secrets + +Store a secret in a secrets management system. Check the next article about [Add variables in the Parameter Store](https://docs.spryker.com/docs/cloud/dev/spryker-cloud-commerce-os/add-variables-in-the-parameter-store.html) + ## Encrypted communication As HTTP is a textual protocol having no built-in encryption, passwords and customer personal data are transferred to shops in plain text. So, a good practice is to configure and implement transport layer security (TLS), which is widely known to most users as HTTPS. From b3dcbacaee0ba41c7dc399984be6d077f76e9dd9 Mon Sep 17 00:00:00 2001 From: Helen Kravchenko Date: Tue, 11 Jul 2023 22:17:16 +0200 Subject: [PATCH 2/2] Update security-guidelines.md --- docs/scos/dev/guidelines/security-guidelines.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
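Review bot: the new `## Secrets` section in this hunk says only "Store a secret in a secrets management system." and then links out, but it never says what the guideline is protecting against, which is the part readers of a security-guidelines page need. The other sections on this page (password hashing, TLS) each state the risk and the countermeasure in one or two sentences; this one should do the same, for example: "Never commit API keys, database passwords or tokens to the repository, configuration files or logs. Store them in a secrets management system and inject them into the application at deployment time." The link sentence also has two defects: "Check the next article about [Add variables in the Parameter Store]" reads awkwardly and has no terminating period, and it uses the absolute `https://docs.spryker.com/docs/cloud/...` URL where a docs-internal link should be site-relative so it survives environment changes.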
diff --git a/docs/scos/dev/guidelines/security-guidelines.md b/docs/scos/dev/guidelines/security-guidelines.md index 693d0aa58f8..e001026cc8b 100644 --- a/docs/scos/dev/guidelines/security-guidelines.md +++ b/docs/scos/dev/guidelines/security-guidelines.md @@ -33,7 +33,7 @@ The most important about password security is to not save it in plain text. Ther ## Secrets -Store a secret in a secrets management system. Check the next article about [Add variables in the Parameter Store](https://docs.spryker.com/docs/cloud/dev/spryker-cloud-commerce-os/add-variables-in-the-parameter-store.html) +Store a secret in a secrets management system. See [Add variables in the Parameter Store](/docs/cloud/dev/spryker-cloud-commerce-os/add-variables-in-the-parameter-store.html) for more information about secrets and parameters. ## Encrypted communication
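Review bot: the rewrite of the link sentence here fixes the wording and the missing period and switches to the site-relative path `/docs/cloud/dev/spryker-cloud-commerce-os/add-variables-in-the-parameter-store.html`, which is the right call; the remaining problem is scope. The linked page lives under `/docs/cloud/`, so it only helps readers on Spryker Cloud, while this guideline sits under `docs/scos/dev/guidelines/` and is read by self-hosted projects as well. Suggest keeping the link but prefacing it with a deployment-independent rule ("Store secrets in a secrets management system and inject them at deployment time; never hardcode them in application code or commit them to version control.") and making the subject plural, since "Store a secret" reads as if it concerned one value rather than a category of data. Consider also a short list of what counts as a secret (API keys, database credentials, tokens), so the section is actionable without following the link.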