[bdcravens]

Maybe I'm being all "get off my lawn", but I feel this is an almost inevitable result of attitudes about new stacks, the rise of the bootcamper, and hackathons-turned-product. In theory that young hipster developer that fits the mold would be just a junior on the team, and their enthusiam and foolhardiness towards moving fast and breaking things would be tempered by more mature team members and operators. However, I think we're seeing a world where 2013 bootcamp grads are the seniors and the cult of hacking and iterating and breaking things means situations like this will become more common.

[johnloeber]

As a young hipster developer, I agree with you 100%. Modern startups have generally been taking an approach that is totally dismissive of long-tail risks such as this one.

I think it is extremely unfortunate that financial incentives are currently stacked against engineering responsibly -- a startup that tries to actually secure a well-built product will need to spend an often unaffordable amount of money or time doing so.

[LunaSea]

The OWASP top 10 has barely changed in 20 years and SQL injections were always part of it so bootcamps weren't needed for developers to start inserting security vulnerabilities in their apps.