Seth Hanford 🐡 on Nostr: nprofile1q…ufle4 just looking at this now, and of course larger orgs tend to be the ...
nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpq7yf7cxzxz4kwf24zmflvyqqtrylsjwm5q9a074u5ger57rmzz0aq0ufle4 (nprofile…fle4) just looking at this now, and of course larger orgs tend to be the "security 1%". But smaller orgs are, I would imagine, much less likely to be writing their own code.
I guess I'm saying that it probably DOES make sense in the macro to be doing secure configuration first because the landscape is much more likely to be running and (mis)configuring someone else's code. Most businesses have greater "other people's code" exposure than not.
But I wonder whether there's another source of data for those orgs who do both: code and run other people's code. At what point do those scales tip? When you're 50/50 my code/others' code? 90/10 mine/others?
I guess I'm saying that it probably DOES make sense in the macro to be doing secure configuration first because the landscape is much more likely to be running and (mis)configuring someone else's code. Most businesses have greater "other people's code" exposure than not.
But I wonder whether there's another source of data for those orgs who do both: code and run other people's code. At what point do those scales tip? When you're 50/50 my code/others' code? 90/10 mine/others?