(and why you care)
As NTPSec Project Manager, Mark Atwood accepts risk on behalf of the project. In the event of a security incident, Information Security Officer Susan Sons is empowered to declare the incident and manage the NTPSec Project's response. Security documents are maintained at <url>.
Make lines of authority and communication clear.
Start with your "black swans" and "grey pigeons"
Don't try to document every possible scenario: rely on
people and resources.
This is all worthless if no one practices.
(if you think you have no vulns, you aren't looking hard enough)
Software Security Bootcamp: Architects' Edition by Susan Sons is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Permissions beyond the scope of this license may be available; send inquiries to email@example.com .