Hacker News
by hcrean 2045 days ago
As a former pentester, this makes me happy inside.

As a DevSecOps Engineer, I field requests like this from frontend developers all the time. The answer is always no.

In this case it would be "I am sorry that you are not happy with inter-team planning and communication; please raise this with the appropriate project owner at the next scrum meeting. Sadly, poor communication cannot be allowed to drive well-established systems planning and architecture best practices..."

1 comments

Sounds kind of dismissive and passive-aggressive. The architecture suggested in the article is terrible, but I think the way to respond to it is to explain why it's terrible from a security standpoint and then also a maintenance standpoint. If they are smart, they will get it and then move on to finding a way to fix the planning problems. Stonewalling and defending your corner is something I have personally seen evolve as a kind of toxic thing in big companies, leading to breakdown of communication.