|
|
|
|
|
|
by bhousel
5458 days ago
|
|
|
The teams (or more likely outside vendors) that set up the bank's external-facing servers and load balancers are not going to poke around the application code. A bank will have architecture and security teams that evaluate the applications, but their main job is to run each application through a "best practices" checklist or audit to identify potential trouble spots. An application will need to meet some kind of sane minimum requirement for password security, but many of these apps are legacy or mainframe, and not easy to change. Big banks move very slowly. |
|
|