Audits are a relevant aspect. Some people are afraid of them, but I think that even the company that is in charge of it can add a lot of value to what is studied by them, giving credibility and transparency to what is done in there.
You are viewing a single comment's thread from:
Yeah, plus it's not just for the audience but for them. Projects should be the first ones interested on theirs protocols being secure enough.
Very true, detect those processes that are good to optimize. It is a good way to take advantage of that knowledge and experience.