New: assessment-templates/findings-backlog.md
Design principles: lives where client works, every finding has an owner,
feeds the housekeeping stream, accumulates from all sources.
Format: 6-field minimal entry (ID, finding, source, priority, owner,
status) with optional target date/effort/notes/closed date.
P0/P1/P2 priority using kill chain test.
Flat file template for Git-based clients.
Population guide: Day 30 (from Brownhat), subsequent modules, continuous
tools (ASTRAL drift, PULSAR alerts, Elysium, BloodHound).
Monthly housekeeping cycle structure.
Relationship to formal risk register explained.
Backlog health indicators (warning signs it is not functioning).
Wired into existing framework:
move-fast-and-fix-things.md: Rule 4 now names the backlog as the queue
rapid-modernisation-plan.md: Day 30 item 7 and Phase 1 action updated
engagement-model.md: Section 4 deliverables table updated at all stages
assessment-templates/README.md: Production-ready templates section added
index.md: Findings Backlog added to Assessment and Tools table
Co-Authored-By: Tom Kracmar <tom+claude@cat6.cz>
move-fast-and-fix-things.md: 'The Critical Infrastructure Adaptation'
section in Rule 5. OT/NT environments where full greenfield is impossible.
Five-layer adapted stack: IT greenfield protects OT, OT config as code,
manual operation as fallback, compartmentalisation as partial burn,
long-cycle planned refresh. OT greenfield test with 4h/48h/2w targets.
vertical-power-utilities.md: New 'The Controlled Burn Adaptation' section.
Full treatment of when greenfield is not an option. Five-layer OT-adapted
stack. Explicit acceptance statement framework for genuinely irreplaceable
OT components (name, isolate, monitor, plan replacement). The OT greenfield
test. Reference back to Rule 5.
Co-Authored-By: Tom Kracmar <tom+claude@cat6.cz>
move-fast-and-fix-things.md: Three Rules -> Five Rules.
Rule 4: Housekeeping as a permanent stream (named owner, cadence, queue).
Rule 5: Greenfield capability as standard operational activity every 5 years.
Updated pillar mapping table.
antifragile-manifest.md: Pillar 1 Antifragile Moves: greenfield capability
as the ultimate expression of structural decoupling. Controlled burn framing.
Co-Authored-By: Tom Kracmar <tom+claude@cat6.cz>
Speed Is a Security Control: Replace overconfident '90% solution today'
with honest target: 30-60% in 180 days. Real comparison is progress vs.
the 0% that stays when waiting for the perfect plan.
New section 'When the Vulnerability Surface Is Effectively Infinite':
AI-scale vulnerability discovery (e.g. Project Glasswing) does not call
for AI-assisted patching. It calls for architecture that makes most
vulnerabilities matter less: kill chain prioritisation, blast radius
limitation, assume-breach posture, known-good baseline. Architecture
beats velocity in the vulnerability race.
Co-Authored-By: Tom Kracmar <tom+claude@cat6.cz>
Claude Sonnet 4.6
tomas.kracmar