Register | Lost password?
Advanced Search
Forum Scope

Start typing a member's name above and it will auto-complete


Forum Options

Minimum search word length is 3 characters - maximum search word length is 84 characters

Please confirm you want to mark all topics read

Mark all topics read

Your thoughts on Defining Contributors?
Dorian Cougias
Posts: 3
Level 10
Nov 23, 2021 - 10:12 am


Now that you've read the article (if you haven't, click HERE), what do you think?

Sean Kohler
Posts: 6
Level 10
Nov 23, 2021 - 10:54 am


It is very important to disambiguate Users as Contributors early in the Federated Data process.  We are working on having stackable validations in the process followed by a friend-of-a-friend model to ensure contributed data comes from a known Person.

Peter Rosenberg
Posts: 1
Level 0
Jan 24, 2022 - 10:16 pm

Thanks, Dorian
In the xMas days of joy and calm, I went thru your Webinar on C-a-C (Compliance as Code) and also had a glimpse of your Use Cases.
I think, we should raise the abstraction to yet another level...

Now I'm, scrutinizing - not the Frank Zappa way 😉 asking rethorically:

  • Why do you believe that a Diagram is needed for a Team ? 
    You keep arguing (elsewhere) that Text is more precise/comprehensive and suitable to Auditors. So why not for a 'general audience' ?  
    I do agree its compelling to have easy graphics and visualizations beside of textual representations, but to whom  - End Users or Architects or both ?
  • What is the end-goal (not Minimum Viable product) ?
    Is this to remove the variations of Platform specializations, that is tedious to roll into CIS and likewise frameworks ?
    Is it to allow easy (machine assisted) comparison of findings of compliance controls detections ?

Or is the reality, it support a general control seen around like 'You must be able to present a documented system', alone invented by decades of various frameworks and standards ?

Well, if it can be automated, like by feeding a VMWare 'Software Defined Datacentre' to PlantUML, and voila - all AS-IS is suddenly documented, then we can get rid of Document Controls like mentioned, and simply require an Automated Document Generation capability should exist as a best practice. 

Peter Rosenberg

Dorian Cougias
Posts: 3
Level 10
Jan 31, 2022 - 9:41 am


Peter, if I'm understanding this correctly, the generalized question is "what is the end goal for diagramming as code"? Or are you asking something else?

Most Users Ever Online: 18
Currently Online:
Guest(s) 1
Currently Browsing this Page:
1 Guest(s)

Devices in use: Phone (1)