Discussion about this post

John Connelly

Way too much time is spent on scanning tools to find vulnerabilities in software and not nearly enough time is spent on actually fixing those vulnerabilities. I can't tell you how many times an app makes it to continuous monitoring and Ops will spend millions on tools to ring-fence the vulnerability (XDR, Microsegmentation, Airgap, etc.) when they could just patch the f@#$ing code. It's the walled garden of security all over again. Would love to hear your thoughts on the subject.
