Holy hell yes. It’s actually alarming how many security holes are out there simply because management had no clue what people did and canned the last guy responsible for maintaining something. Zombie functions that are holding up the whole stack, but no one has had a clue what they did in 15 years, and we all just look away and hope they keep holding until they’re someone else’s problem.
I cannot make certain teams at my work give a shit about known security vulnerabilities in libraries they use, since they don’t trip our internal scanners. People have their own priorities. ¯\_(ツ)_/¯
The number of times I’ve seen a fix not get pushed because somebody got laid off is a lot higher than you might think.
Holy hell yes. It’s actually alarming how many security holes are out there simply because management had no clue what people did and canned the last guy responsible for maintaining something. Zombie functions that are holding up the whole stack, but no one has had a clue what they did in 15 years, and we all just look away and hope they keep holding until they’re someone else’s problem.
I cannot make certain teams at my work give a shit about known security vulnerabilities in libraries they use, since they don’t trip our internal scanners. People have their own priorities. ¯\_(ツ)_/¯