From 899c4de2cfca4f208a66c3faa3ce9a018d531e89 Mon Sep 17 00:00:00 2001 From: Desmi-Dizney <99777687+Desmi-Dizney@users.noreply.github.com> Date: Tue, 26 Apr 2022 16:02:05 -0500 Subject: [PATCH] Editor pass - Handbook: Security rituals update (#5374) * Editor pass - Handbook: Security rituals update Editor pass for: https://github.com/fleetdm/fleet/pull/5317 * Update security.md --- handbook/security.md | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/handbook/security.md b/handbook/security.md index 25efad2cd3..b1b9e93b09 100644 --- a/handbook/security.md +++ b/handbook/security.md 
@@ -792,20 +792,22 @@ We use [Dependabot](https://github.com/dependabot) to create pull requests to up We ensure the fixes to vulnerable dependencies are also performed according to our remediation timeline. We fix as many dependencies as possible in a single release. -## Security Rituals +## Rituals + +The following table lists the Security group's rituals, frequency, and Directly Responsible Individual (DRI). | Ritual | Frequency | Description | DRI | |:-----------------------------|:-----------------------------|:----------------------------------------------------|-------------------| -| Security notifications check | Daily | Check Slack, Google, Vanta and Fleet dogfood for security related notifications. | Guillaume Ross | +| Security notifications check | Daily | Check Slack, Google, Vanta, and Fleet dogfood for security-related notifications. | Guillaume Ross | | GitHub check | Weekly | Check GitHub security issues for anything pending analysis or prioritization. | Guillaume Ross | -| Iteration planning | Every three weeks | Prioritize issues in GitHub security project for the next iteration. | Guillaume Ross | +| Iteration planning | Every three weeks | Prioritize issues in the GitHub security project for the next iteration. | Guillaume Ross | | YubiKey adoption | Monthly | Track YubiKey adoption in Google workspace and follow up with those that aren't using it. | Guillaume Ross | -| Dogfood policy update | Monthly | Edit Fleet dogfood policies that check for version numbers of Chrome, Docker and macOS. | Guillaume Ross | -| Security blog post | Monthly | Publish a security related blog post to Fleet's blog. | Guillaume Ross | +| Dogfood policy update | Monthly | Edit Fleet dogfood policies that check for Chrome, Docker, and macOS version numbers. | Guillaume Ross | +| Security blog post | Monthly | Publish a security-related blog post to Fleet's blog. 
| Guillaume Ross | | Security lunch & learn | Monthly | Educational live stream session on cybersecurity for Fleet employees, sessions are later shared for public consumption on YouTube. | Guillaume Ross | | MDM device enrollment | Quarterly | Provide export of MDM enrolled devices to ops team. | Guillaume Ross | | Access revalidation | Quarterly | Review critical access groups to make sure they contain only relevant people. | Guillaume Ross | -| Snyk scan | Quarterly | Scan Fleet repo with Snyk to identify important vulnerabilities that were not identified by GitHub. | Guillaume Ross | +| Snyk scan | Quarterly | Scan Fleet repo with Snyk to identify important vulnerabilities that GitHub did not identify. | Guillaume Ross | | Security conference review | Quarterly | Look at upcoming security conferences and work with the growth team to determine whether Fleet should submit to attend. | Guillaume Ross | | Security policy update | Annually | Update security policies and have them approved by the CEO. | Guillaume Ross |
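Review bot: renaming the heading from `## Security Rituals` to `## Rituals` also changes the rendered anchor (`#security-rituals` becomes `#rituals`), so any internal links or external references to the old anchor should be checked and updated in this same change. Two smaller points in the same hunk: the new intro sentence says the table lists "rituals, frequency, and Directly Responsible Individual (DRI)" but omits the Description column, and the untouched rows still carry the kind of inconsistencies this editor pass fixes elsewhere, e.g. the "Security lunch & learn" row is a comma splice ("... for Fleet employees, sessions are later shared ..." reads better as "... for Fleet employees; sessions are later shared ..."), the "YubiKey adoption" row should read "those who aren't using it", and "Scan Fleet repo" / "Provide export of MDM enrolled devices to ops team" read better as "Scan the Fleet repo" / "Provide an export of MDM-enrolled devices to the ops team".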