by deanstag
4089 days ago
I was in a dev team for a network security appliance. It is really sad the way they treat vulnerabilities and security advisories. There were very few people who knew what the actual vulnerability was. The vulnerability would be listed as one of the last items in a release checklist. It gets assigned to a guy who has no clue whatsoever. The guy fixing the issue would google a patch and apply it. He has no way of testing it comprehensively. He will run a basic test case. He will make up a report with a lot of security jargon for the managers and advisory team. And the next release would list the vulnerability as fixed.