faithlierheimer
commented
4 years ago This is a great outline--in the Recognition team we are working on a version of this for that branch of PDAP, the goal being to expand it to the other branches as well.
dongately
What: build 1-sheet recommendation of tool, actions, and points of contact on Security Engineering for volunteers working on PDAP
Why: start building communication bridges and trust b/t SecEng and the rest of the project, enable volunteers to safely participate in the project with least amount of possible friction and acceptable risk
How: --> aggregate ideas here --> split into separate docs base on role in the project --> Split b/t 'must do,' 'important to do,' 'consider doing,' or similar idea (ranked suggestions) --> distribute docs
Follow-on work: ID what can be enforced from these recommendations, start using this for threat vector planning, etc.