From 20e62e76146b8f2acb82d985472d4fd06991f128 Mon Sep 17 00:00:00 2001 From: Eric Date: Fri, 24 Jun 2022 20:46:31 -0500 Subject: [PATCH] Add vulnerability monitoring ritual and heading (#6322) --- handbook/brand.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/handbook/brand.md b/handbook/brand.md index f123b57bab..e996dcc4f7 100644 --- a/handbook/brand.md +++ b/handbook/brand.md @@ -344,6 +344,10 @@ In Figma: * Avoid using SVGs or icon fonts. 3. Click the __Export__ button. +### Vulnerability monitoring + +Every week, we run `npm audit --only=prod` to check for vulnerabilities on the production dependencies of fleetdm.com. Once we have a solution to configure GitHub's Dependabot to ignore devDependencies, this manual process can be replaced with Dependabot. + ## Rituals The following table lists the Brand group's rituals, frequency, and Directly Responsible Individual (DRI). @@ -361,6 +365,7 @@ The following table lists the Brand group's rituals, frequency, and Directly Res | Handbook editor pass | Monthly | Edit for copy and content. | Desmi Dizney | | Browser compatibility check | Monthly | Check browser compatibility for the website | Eric Shaw | | OKR planning | Quarterly | Plan next quarter's OKRs | Mike Thomas | +| Website vulnerability check | Weekly | Checking for vulnerabilities on fleetdm.com | Eric Shaw | ## Slack channels
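Review bot: In the first hunk (`@@ -344,6 +344,10 @@`), the new "Vulnerability monitoring" paragraph names the command but not what happens with its output. It sets no severity threshold for action, does not say where findings are filed, and gives no directory from which to run `npm audit --only=prod`. Please add one sentence covering triage, for example who opens the issue and how quickly high or critical findings are expected to be fixed. The Dependabot sentence would also be easier to follow up on if it linked to whatever tracks the devDependencies limitation. Separately, the section lands directly after the Figma export steps. Consider whether it belongs under its own parent heading rather than reading as a continuation of the export instructions.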
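Review bot: In the second hunk (`@@ -361,6 +365,7 @@`), the description cell of the new row, "Checking for vulnerabilities on fleetdm.com", breaks the imperative style of the neighbouring rows ("Edit for copy and content.", "Check browser compatibility for the website", "Plan next quarter's OKRs"). It is also broader than the ritual the first hunk defines, which covers only production dependencies. Suggest "Check for vulnerabilities in the production dependencies of fleetdm.com", so the table entry matches the scope of the `npm audit --only=prod` run it refers to.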