by forgottenpass
4520 days ago
I'm wondering if someone of GitHub's caliber can be hacked so easily, what about the rest of the masses developing web apps. They're all pretty bad. SQL injection was a boondoggle for years until people wised up, or more likely moved to the then-newly-popular ORMs, but it still got Bell Canada recently. Target is #36 on the Fortune 500. That wasn't a webapp-based attack, but even companies of their considerable resources still get security that wrong. Sure, you can tell yourself a startup is more tech focused and better positioned to get security right. But do devops building for server stacks and platforms they don't fully understand while pushing code multiple times a day really have both the skills and time to focus on security?