In conversation, came across the following certifications that we can consider going after. - Common Criteria Compliance, https://en.wikipedia.org/wiki/Common_Criteria and https://www.commoncriteriaportal.org/ - STIG, https://en.wikipedia.org/wiki/Security_Technical_Implementation_Guide and https://iase.disa.mil/stigs/Pages/index.aspx Especially the latter, the idea that was floated is that compliance with STIG tends to assist in sales to large organizations due to the stringent nature of STIG. @briann are you familiar with these, how do they compare to what we've been discussing in https://gitlab.com/gitlab-com/sales/issues/73#note_38933255 re: using CSA? @ChadMalchow Are you familiar with these / are they asked about / do you see a competitive advantage in gaining these certifications that would warrant the effort?