We continuously keep following OWASP - Open Web Application Security Project's recommendations beside our team's corporate experience especially in banking sector which has the highest security rank among private sectors.
The OWASP Top 10 is a regularly-updated report outlining security concerns for web application security, focusing on the 10 most critical risks. The report is put together by a team of security experts from all over the world. OWASP refers to the Top 10 as an ‘awareness document’ and they recommend that all companies incorporate the report into their processes in order to minimize and/or mitigate security risks.
Bu still keep in mind that there may be always special security concerns not only of your application but also any other related server side configuration or 3rd party libraries/tools.
So be keen and skeptical about the security and vulnerabilities. You can use free security checking tools such as OWASP's :
Also check & apply security instructions for Distributed Cache Server