|
|
|
|
|
|
by 4ndrewl
24 days ago
|
|
|
Is there a reason why they appear to conflate vulnerabilities and bugs? It's not clear where they are defining their terms, eg "After one month, most partners have each found hundreds of critical- or high-severity vulnerabilities in their software. Collectively, they’ve found more than ten thousand. Several have told us that their rate of bug-finding has increased by more than a factor of ten. For instance, Cloudflare has found 2,000 bugs (400 of which are high- or critical-severity) across their critical-path systems, with a false positive rate that Cloudflare’s team considers better than human testers." (emphasis mine) |
|
|