Feb. 5, 2024, 1:23 a.m. | /u/bi-nary

cybersecurity www.reddit.com

Current org is very risk-averse in regards to web-apps... so risk averse that they choose NOT to patch fairly often, because availability is more important than anything else. I have tried, without success, to argue that availability is compromised where vulnerability exists.

In other positions I've held, applying ***security*** ***patches*** of nearly any severity within 30 days was a requirement, without exception. Currently, Getting patches into production takes about 6 weeks... So prod is a minimum 6 weeks behind, and …

apps availability compromised current cybersecurity important org patch patches patching risk security severity software software patching vulnerability web

Director of the Air Force Cyber Technical Center of Excellence (CyTCoE)

@ Air Force Institute of Technology | Dayton, OH, USA

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

Infosec Engineer II(3-6 Years)

@ MRI Software | Bengaluru, India Office

Cyber Security Analyst

@ ControlUp | Rishon Lezion

Senior Consultant.e (H/F) - Product & Industrial Cybersecurity - CDI

@ Wavestone | Paris, France

Offensive Security Engineer III

@ Fanatics | India - Hyderabad