by tptacek 2670 days ago
Yes, software security in 2019 is markedly different from software security 17 years ago. 2002 predates the "Summer of Worms" and the Microsoft SDLC (for what it's worth, from 2004-2006, many of the world's software security firms were basically parked almost full-time in Redmond). It would be weird today to see an established company with a "shipping" product or SaaS service that couldn't provide a pentest attestation; back in 2002, it would be weird to see one that could.

For some perspective: the first published "integer overflow" attacks were from 2002 (the attack pattern was known but not published as such before then).