| ▲ | threecheese 2 hours ago | |
I’d think any company big enough or working in certain markets which has a Compliance Officer cares about this; regulations are a legitimate business risk, and software integration contracts have security control compliance requirements which very much impact the sdlc. Would you have the same reaction to requiring an approval for a production deployment? That’s driving the development process. —- Also jfc I need to cool it with the buzzwords, sorry I just got home from “talk like this all day” $job | ||
| ▲ | tptacek an hour ago | parent [-] | |
SOC2 is generally regarded as a joke and has in fact almost nothing to do with software resilience even on its own terms. | ||