Thread: How to know if Coder Insert malicious code into your script?
View Single Post
Old 03-12-2013, 04:22 PM  
alcstrategy
Confirmed User
 
Industry Role:
Join Date: May 2012
Posts: 124
Quote:
Originally Posted by AJHall View Post
I would do both. We use scanners and human beings and try to pour over code as well as cover similar scenarios to what we've seen in the numerous hackings we've encountered and continue to encounter over time. Nothing is 100%. Scanners will miss things and so do experts. I would never hire a security expert who was naive enough or enough of an egomaniac to tell me otherwise but I totally agree with you that if someone can afford it they're far far better off hiring someone who specializes in security than relying on a developer for this.
Naturally nothing is 100%, and I'm not sure if you were calling my statement naive, but my main point was that the majority rely on them.
alcstrategy is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote