Never dismiss something published by ConsenSys Diligence, so here you go:
- General Philosophy describes the smart contract security mindset
- Development Recommendations contains examples of good code patterns
- Known Attacks describes the different classes of vulnerabilities to avoid
- Security Tools lists tools for improving code quality, and detecting vulnerabilities
- Bug Bounties List of bug bounties in the ecosystem.
Other practical best practices from SkidsDAO wrt GitHub Actions & DevSecOps can be found here: https://github.com/SkidsDAO/security-policies 💪