I’ve long held that the vast majority of responsibility for securing our networks lies on the software developer, and default configurations are a fantastic example of how we keep screwing up.
Archive:
infosec
Empathy for the defender is hard enough. Empathy for the attacker is a lesson I learned this week, from an unlikely source.