Quote:
Originally Posted by alcstrategy
With all respect this is false. A "competent" person will find faulty code and logic better than any scanner, and that is how vulnerabilities are discovered. The trouble is most people who think they are competent actually aren't, and the scanners people rely on often times miss many things.
There's a big difference between just a developer and someone specializing in security, and the big problem is few realize there's a difference.
|
Perfectly stated, just because someone can code by no means they know shit about security. Always assume the worst has happened cause feedback means shit. It just means they probably haven't been caught yet.