As you might’ve discovered in your own architecture work, it’s pretty easy to get overwhelmed with security architecture documentation. I remember the very first “proper” architecture description I did according to then IEEE1471:2000 (now ISO/IEC/IEEE 42010:2011) was 165 pages. And that was supposed to only be about the federated identity solution I was working on […]