May 26 Update below. This post was originally published on May 25
Many people equate the regular discovery, and patching, of product vulnerabilities with being a sign of bad security; I am not one of them. I have always said that I’d much rather these security flaws are picked up, be that by in-house teams, bug bounty platforms or independent researchers, than go undiscovered. Vendors that patch regularly and transparently are demonstrating a strong security posture, not a weak one. Sure,…
Source link
