Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Continuous assessment is good (tool-driven continuous assessment can be sketchy), and is a norm at larger tech companies. Quarterly 3rd party assessments aren't, even at large companies (big companies might get many more than 4 audits per year, but will not as a rule re-assess things more often than annually or at major revisions).


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: