Chapter 9. Operating a Product Security Team
This chapter deals with issues related to the daily operation of a product security team. In particular, it covers what requirements are specific to the product security team and how to address them.
Working Hours
Product security vulnerabilities can be discovered at any time of day but that by itself is not the worst thing. The worst is that a vulnerability can be exploited at any time. If that would happen, the product security team must be ready to respond on very short notice. This indicates that the product security team must work around the clock.
Although the team must have coverage around the clock, it generally is not required to have someone constantly in the office. In most cases, it is ...
Get Computer Incident Response and Product Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.