by blueflame7 2038 days ago
I see you’re quite the nihilist when it comes to computer security. But for your information, there are a lot of people in the corporate and government world that think computer security works like a bank. Unfortunately for us, many of those people are running the show, and too wealthy to care about learning about the details; that’s our job. So ultimately this is so that they can feel safe at night knowing they’ve covered their ass from negligence. This is why things like NIST-171-800 exist and this tool would be helpful for mandatory practices required to do business.
1 comments

I don't see how that's a nihilist attitude. It's the truth. At this point in time, and since the rise of the internet, no computer system has been completely secure. Things will change for the better over time, but not if we placate the people "running the show".

I assume from your comment that you think that "covering ass" adds value to security; it does not. Because if you, like me, judge this product as being redundant, then what value is truly added? What if a competent team of pentesters is rejected in favor of this tool? Then you made the world less secure. An organization not competent enough to run a security scanner will certainly not see the benefit of this product.

The current status in cyber security is that of safety in engineering three centuries ago: "This bridge is secure because we walked two oxen over it, and it did not collapse."

"Our bank is secure, because no hacker has stolen our funds yet."