by ivanhoe
1295 days ago
On the other hand, mainstream frameworks have a big community behind them, while the custom framework's support is only you - thus making it: 1) far more likely that you have undiscovered vulnerabilities in it, 2) actually a lot more work to keep it up to date and properly secured over time, since it's all up to your team (and this becomes exponentially harder with every 3rd party lib that you use). Not implying it's the case with your company, of course, but most of the B2B companies that I've seen that use custom frameworks solve these 2 problems by simply ignoring them and not updating anything - hoping for the best and relying primarily on security through obscurity for protection.