[kevingadd]

I don't understand how this justifies writing off the work of security professionals as not real work or not difficult. Is the author talking about people who run security scanner scripts and call it a day? If so, why are those people relevant to discussions of memory safety and why generalize the entire discipline based on them? Are we supposed to generalize the traits/experiences of the average PHP developer and apply that to Haskell and C++ experts too? Every field has lazy people or unskilled hacks in it.

Some subset of the industry having "bad opinions" also does not mean their work suddenly has no value or they're not trying hard. To me this approach to the hard work of real experts is immediately disqualifying for someone's opinions. They can think it, but if they want to say it they should be prepared to not be taken seriously.