Well, that meeting was total waste of time. Yes, we could provide a document that explains the security solutions we have chosen for the app architecture, but planning and doing a recurring security audit and penetration testing for every release is, in my humble opinion, waste of time and resources if the app architecture has not changed (as it has not since the 1.0 release over 3 years ago). I guess we need to create that document then, but otherwise it is an overkill to run a security audit for every re

Well, that meeting was total waste of time. Yes, we could provide a document that explains the security solutions we have chosen for the app architecture, but planning and doing a recurring security audit and penetration testing for every release is, in my humble opinion, waste of time and resources if the app architecture has not changed (as it has not since the 1.0 release over 3 years ago).

I guess we need to create that document then, but otherwise it is an overkill to run a security audit for every release as we churn out a new one every 3 weeks…

2022-11-30T15:07:18Z