SarahJamieLewis on Nostr: Most of the time I do contract engagements for security/privacy work I end up being ...
Most of the time I do contract engagements for security/privacy work I end up being consulted far too late to significantly improve the security of the system under review.
At best I can point out vulnerabilities and suggest some mitigation, but in many cases the risk has already been realized / the liabilities have already been created.
Core design decisions, made without security review, too costly to rework, and fundamentally insecure.
I don't expect this to change, but maybe one day.
At best I can point out vulnerabilities and suggest some mitigation, but in many cases the risk has already been realized / the liabilities have already been created.
Core design decisions, made without security review, too costly to rework, and fundamentally insecure.
I don't expect this to change, but maybe one day.