by lvturner
660 days ago
It may not apply to this specific incident, but pen-testing only ensures you meet a minimum standard at a specific point in time. I almost feel I could write novels (if only I had time and could adequately structure my thoughts!) on this and adjacent topics, but the simple fact is that the SDLC in a lot of enterprises/organizations is fundamentally broken. Unfortunately, a huge portion of what breaks it tends to occur long before a developer even starts bashing out some code.