Free Republic
Browse · Search 		General/Chat
Topics · Post Article

To: Myrddin

“Finding ways to track your activity will be a perpetual cloak and dagger effort.”

I think you’re correct. You know more about what’s going on inside those boxes than I do.

My company’s IT department is all the time fiddling with security software and training.


13 posted on 01/31/2022 2:30:52 PM PST by cymbeline
[ Post Reply | Private Reply | To 11 | View Replies ]

To: cymbeline
I'm in the middle of a large scale port of support systems that run on Linux and Windows to a microservices architecture wrapped in Docker containers, deployed in kubernetes clusters and hosted in "the cloud". Lots of the server side code was built with Java and took a hit in recent weeks with the log4jShell remote control execution flaw. It took 4 passes for the library itself to be patched to a secure state. Finding all the places where it was used and updating those vulnerable systems has been a huge distraction, but a necessary evil to patch.

Our customer demands security scans of all software that will be delivered for use and a clean bill of health from a security perspective. The tools we use are maintained by a reputable supplier that keeps the scanner up to date with all the published vulnerabilities and adds heuristics to look for additional flaws. Anything flagged must be fixed before delivery.

22 posted on 01/31/2022 9:26:06 PM PST by Myrddin
[ Post Reply | Private Reply | To 13 | View Replies ]

Free Republic
Browse · Search 		General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson