Hack the Docs: how security professionals use documentation



Event: Write the Docs Australia, online
Schedule link: https://www.writethedocs.org/conf/australia/2022/speakers/#speaker-lilly-ryan
Other links: https://www.flickr.com/photos/writethedocs/albums/72177720304378693

# Abstract

We write documentation to help our colleagues and users find their way through our systems - but your carefully-crafted documentation can also help attackers learn what your systems do, and give them unintentional pointers on where to start breaking it.

In this session, we’ll discuss the common things that go wrong in docs from a security perspective, from giving away too much to giving away too little, and the kinds of harm erroneous docs can do; what “secure” documentation looks like; and how security professionals themselves can improve their work through documentation development.