Showing posts from June, 2022

Writing Technical Documentation

Often in infosec we get caught up on CVEs, the latest breach, or ransomware. Unfortunately, the other half of the job (project management, documentation, etc) can sometimes get less attention. Admittedly, they don't make movies about completing the paperwork after most action films. But in the real world it's what can lose court cases or certify a company as compliant with a government regulation.  We all wish documentation was clearer when reading it but very few enjoy writing it. I'm going to paint a broad brush here and put them all into two categories: Formal technical documentation E.g. SOC reports, company policies, SIG assessments, etc. Informal technical documentation E,g, the internal (or even customer facing) documentation explaining a concept or how to complete a technical task such as updating the OS version on a firewall. I'm not a Technical Writer, but I don't find writing documentation as painful as some, and I appreciate coming across what I find to