|
|
|
|
|
|
by ZeroBugBounce
1715 days ago
|
|
|
I'm curious if you can be more specific about the kinds of problems they eventually came around on that they did not care about/understand at first? I like this kind of "meta-problem" and would be interested in known how to get people more interested in ideas that I intuitively know are useful. |
|
|
* input validation at ingestion time vs processing time
* access control via a proper IAM system with defined roles as opposed to granting access to individual users
* various multi-tenancy, multi-region, and multi-regulatory-regime concerns
* relying on standard frameworks/platforms which provide rollouts, monitoring, test harnesses, etc. as opposed to rolling your own
Some of the things were simply "we know this is important, but we have to hit this deadline so we're going to cut corners", resulting in rework later to do things properly in production