Keeping work papers

I’d like to hear about folks’ record-keeping practices like when you will take a note and when you won’t, if you use written notes, tools, or text files or Word docs, how long you take recording stuff and has it ever saved your bacon.

For background, I’ve been doing this for 20+ years and I’ve always kept notes. I don’t need help personally. We are having discussions at my $dayjob on the sorts of records we should be keeping and the trade-offs involved in doing so. I would like to understand both leading practices and what is the common industry practices.

What do you do? Has it helped you make you a better tester? Did you learn your technique from a mentor or did you have to make it up as you go along?

[ I originally attempted to ask this on r/netsec, but it was rejected as it was a question (!) Something about small people with very small power something something. Ain’t no-one got time for that. ]

Published by vanderaj

Just another security geek

Leave a comment

Your email address will not be published. Required fields are marked *