No company I've ever worked at takes security seriously. As a developer I learned long ago to point out in emails (CYA) what they're doing wrong and how our development should work backward from the risks.
Nah, that costs money and takes time. Just outsource the code.
I wonder how much that has cost all the companies that have been hacked. My guess is it's several orders of magnitude more than it saved.
So we know how - my immediate question is how many other instances are out there, unpatched, tangled up with things like Payment Portals, Auto Reg. Portals. Gah.
3 comments
[ 3.7 ms ] story [ 5.8 ms ] threadNah, that costs money and takes time. Just outsource the code.
I wonder how much that has cost all the companies that have been hacked. My guess is it's several orders of magnitude more than it saved.