Summary: <p>Documentation is super boring, right? Yet it's critical to getting your client/audience excited about making their security better!</p> <p>In this episode I talk about my mixed feelings towards the "big" standards like ISO/NIST/etc. and how a more tactical, down-to-earth documentation approach might be more effective in some cases. And I think we need our documentation to be much more focused on consultation/remediation and <em>not</em> just "Hey, your security sucks...and these next 100+ pages will tell you exactly why!" We can do better!</p> <p>Yes, this episode is like 18 minutes because, well, I guess I'm really passionate about documentation. :-)</p>
