Listening to @jerry on the most recent #DefensiveSecurity podcast. Specifically the point about how nobody really paid attention to border firewalls and then suddenly they did.
My pentest experience has mostly revealed an ugly truth: 99% of the time, any given piece of software which doesn't have a ton of CVEs reported for it isn't because it's secure, it's because nobody's looked.
Better education is key but I see a lot of colleges and universities taking the completely ass backwards approach. Instead of teaching every single developer how to securely code, they've spun up Cyber programs to chase those dollars. From an academic perspective it's a completely disappointing letdown.
=> More informations about this toot | View the thread | More toots from fennix@infosec.space
=> View jerry@infosec.space profile
=> View defensivesecurity tag This content has been proxied by September (3851b).Proxy Information
text/gemini