This is indeed much shorter than what I’ve seen around.
As a developer/team lead that might need to answer these questions to a satisfactory degree, what are resources that would actually help implementing this kind of security infrastructure?
(Author here.) Well, you could always use this questionnaire as a starting point itself: ask yourself these questions, and if you're not happy with the answers, do something about it.
Ooh, I’ve done that, and I’m doing it with many such questionnaires I receive :) Sometimes it makes sense and we do something about it, but many times you just don’t know what you don’t know, or you don’t know where to start, and it’s not a topic that comes up often on the various public fora.
I was looking for books, talks, guides - anything. I just read the Latacora SOC2 guide and it’s at least a starting point.