Comment on Telegram says it has 'about 30 engineers'; security experts say that's a red flag
dandi8@fedia.io 5 months ago
This sounds like the devs are personally, sword and shield in hand, defending the application from attacks, instead of just writing software which adheres to modern security practices, listening to the Security Officer and occasionally doing an audit.
awesome_lowlander@lemmy.dbzer0.com 5 months ago
They’re not just writing the software, they’re responsible for the infrastructure it’s running on. And keeping that running and secure IS a full-time job.
Right now, you sound exactly like one of those C-level execs who looks at IT and asks “We haven’t had an issue in years, what do we need to pay them for?”
dandi8@fedia.io 5 months ago
Even if you have a full-time role for continuously auditing the infrastructure, you still didn't show how that needs a 15-person team, and an otherwise-untouched infrastructure should just keep on working (barring sabotage), unless someone really messed something up.