Re: SDN are not the answer
Force developers to document? That's too late. In my experience, SRE has not advanced to the point of really addressing security. But applying the pattern means, "force application engineers to justify why a given access is needed". Not to you, but at all. Devs are not conditioned to think about tradeoffs in the security dimension. This must change.