►
Description
@dsharris talks about what the Customer Security Questionnaire first pass project is, why the field security team created it, and what our vision for this project is
A
Hi
I'm
Devin
Harris
I'm,
a
senior
security
analyst
here
on
the
field
security
team
and
get
lab
today,
I'm
doing
a
quick
introduction
to
the
customer
questionnaire.
A
first
pass
issues
board
and
we'll
be
talking
about
what
it
is,
why
we
made
it
our
vision
and
a
quick
overview.
So
it's
a
project
that
house
is
ready
responses
to
common
questions,
as
well
as
the
tools
and
processes
to
facilitate
a
functionality.
A
The
main
part
is
the
issues
board,
we'll
walk
through
that
in
a
minute,
but
really
why
we
created
it.
So
previously,
I
worked
at
companies
that
had
a
true
RFP
or
request
for
Proposal
solution,
and
it
was
great.
It
was
awesome
for
allowing
question
of
answer
pairs
for
common
things
to
be
curated
and
easily
searched
that
provided
a
lot
of
benefits
to
a
lot
of
teams,
but
the
most
outsized
benefit
was
to
the
sales
team.
A
It
really
enabled
them
to
scale
and
grow
quickly
because
it
captured
high
fidelity
and
verified
answers
with
links
to
artifacts
to
common
questions.
Minimizing
that
hole,
hey,
let
me
get
back
to
you.
I
need
an
expert
and
facilitating
really
self
service
ourselves
to
go
out
there
and
do
what
you
all
do
best
close
deals
at
a
lot
of
to
maintain
historical
context
for
questions
and
answers,
facilitated
collaboration,
it
shortened
the
onboarding
and
training
time
for
new
personnel,
and
it
really
helped
us
eventually
to
automate
routine
tasks
through
API
calls.
A
In
my
time
when
I
got
to
get
lab,
we
don't
have
budget
allocated
for
RFP
solution
and
I
noticed
that
our
security
questionnaires
tended
to
ask
either
the
same
questions
or
similar
questions
over
and
over
again
and
depending
on
who
answered
them.
There
might
be
a
different
answer.
Also
we
iterate
extremely
fast
here,
so
things
change
very
quickly,
which
means
answers
change
quickly.
A
So
looking
at
a
historical
questionnaire,
something
that
was
right
two
months
ago
might
not
be
correct
today
and
when
I
first
took
over
the
security
questionnaire
queue,
we
had
a
queue
that
was
so
backed
up
that
we
were
exceeding
SLA
about
like
15
days
on
average
and
that's
not
acceptable
and
I
realized.
We
really
needed
a
skill
and
work
with
a
customer
support
team
to
help
correct
that,
and
since
then
the
team
has
been
great
has
been
a
great
partner
and
helping
us
to
do
that.
A
Also
working
with
solutions,
architects,
Technical,
Account
Managers.
It
was
clear
that
the
team
had
real
talent.
Incredibly,
smart
people
we're
just
failing
to
provide
the
tools
we
needed.
My
vision
is
that
I
hope
one
day
we'll
have
a
true
RFP
solution,
probably
won't
be
this
quarter
and
it
probably
won't
be
next
quarter.
I
understood
the
importance
and
functionality
this
RFP,
so
I
wanted
to
dog
food
our
solutions
and
produce
something
that
I
could
use
day-to-day
and
then
realized.
A
It
might
be
useful
for
other
people
compared
to
doing
like
a
document
or
spreadsheet
so
much
easier
to
maintain
this
in
issues,
issues
are
able
to
be
exported
into
common
formats
like
CSV,
and
you
can
also
interact
with
them
via
our
API,
which
is
great.
A
So
that
means
anything
that
we
do
here
can
be
extracted
transformed
and
loaded
into
an
RFP
solution
that,
if
it
provides
functionality
to
do
automated
loading,
my
vision
is
simply
this.
Every
significant
question
is
documented
on
the
issue
board,
verified,
curated
and
maintained
to
allow
a
central
source
of
truth.