Cybersecurity, as a profession, is a fool’s errand.
Dedicated security staff exist solely to teach real engineers how to do their job, and the fact that such personnel exist is a catastrophic failure in computer science curriculum
It often seems cyber sec staff write reports on what should be done with no understanding of why and this leads to them fretting over things that are not actual vulnerabilities.
Cybersecurity, as a profession, is a fool’s errand.
Dedicated security staff exist solely to teach real engineers how to do their job, and the fact that such personnel exist is a catastrophic failure in computer science curriculum
It often seems cyber sec staff write reports on what should be done with no understanding of why and this leads to them fretting over things that are not actual vulnerabilities.
200 vulnerabilities, 2-3 that might actually be exploitable, and no prioritization. But look at these metrics!