by jonstewart 645 days ago
> You’ve just broken a hundred things that developers and ops staff need daily to block a theoretical vulnerability that is irrelevant unless you’re already severely breached.

I’m both a developer and a DFIR expert, and I practice what I preach. The apps I ship have a small allowlist for necessary external endpoints and everything else is denied.

Trust me, your vulnerabilities aren’t theoretical, especially if you’re using Windows systems for internet-facing prod.

1 comments

This should still be fresh in the mind of anyone who was using log4j in 2021.
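The default-deny egress allowlist jonstewart describes, as an added application-level illustration that is not code from either commenter: every outbound URL is checked against a small, explicit list of scheme/host/port triples, and anything else (an unlisted host, a wrong port, a non-HTTP scheme such as the LDAP lookups that made log4j exploitable) is denied and logged. The allowlist entries and hostnames are constructed placeholders.

```python
from urllib.parse import urlsplit

# Constructed allowlist for illustration: (scheme, host pattern, port) triples the
# app legitimately needs. Everything not listed is denied (default-deny egress).
ALLOWLIST = {
    ("https", "api.payments.example", 443),
    ("https", "*.cdn.example", 443),   # explicit wildcard for one subdomain level
    ("https", "10.0.5.20", 8443),      # internal service addressed by IP literal
}

DEFAULT_PORTS = {"http": 80, "https": 443}  # only schemes the app may use


def _host_matches(pattern: str, host: str) -> bool:
    """'*.cdn.example' matches 'a.cdn.example' but not 'cdn.example' or 'a.b.cdn.example'."""
    if pattern.startswith("*."):
        return host.endswith(pattern[1:]) and host.count(".") == pattern.count(".")
    return pattern == host


def egress_decision(url: str) -> tuple[bool, str]:
    """Return (allowed, reason) for an outbound URL the app wants to contact."""
    try:
        parts = urlsplit(url)
        host = parts.hostname          # already lowercased; ignores userinfo tricks
        port = parts.port              # raises ValueError on a malformed port
    except ValueError as exc:
        return False, f"unparseable url: {exc}"
    if parts.scheme not in DEFAULT_PORTS:
        return False, f"scheme {parts.scheme!r} not permitted"
    port = port or DEFAULT_PORTS[parts.scheme]
    if not host:
        return False, "missing host"
    host = host.rstrip(".")
    for scheme, pattern, allowed_port in ALLOWLIST:
        if scheme == parts.scheme and allowed_port == port and _host_matches(pattern, host):
            return True, f"matched {scheme}://{pattern}:{allowed_port}"
    return False, f"no allowlist entry for {parts.scheme}://{host}:{port}"


def log_line(url: str) -> str:
    """One log record per decision, so denied attempts are visible to DFIR."""
    allowed, reason = egress_decision(url)
    return f"egress {'ALLOW' if allowed else 'DENY'} url={url} reason={reason}"
```

Wire `egress_decision` in front of whatever HTTP client the app uses, and ship the DENY lines to the same place as the rest of the app's logs.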