Striving to become a master Go/Cloud developer; Father ๐จโ๐งโ๐ฆ; ๐ค/((Full Stack Web|Unity3D) + Developer)/g; Science supporter ๐ฉโ๐ฌ; https://coder.today
I was surprised to see that database injection is still #1 in top OWASP 2017 threats, but then again the industry has a big influx of newcomers and the intro learning resources lack in security chapters.
A good thing is that containers and managed services took many issues from our hands into the proper ones, security experts that work for datacenters and service providers.
I'm a small business programmer. I love solving tough problems with Python and PHP. If you like what you're seeing, you should probably follow me here on dev.to and then checkout my blog.
I know, right? And it's not just small projects that still has SQL injection vulnerabilities; big companies are still making headlines with them. Here are some recent examples.
Managed services are a good thing overall but I wonder how many teams actually understand the strengths and weaknesses of outsourcing. Are they still thinking about security or just throwing it over the wall and assuming that their providing is doing whatever is required to keep their project safe?
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I was surprised to see that database injection is still #1 in top OWASP 2017 threats, but then again the industry has a big influx of newcomers and the intro learning resources lack in security chapters.
A good thing is that containers and managed services took many issues from our hands into the proper ones, security experts that work for datacenters and service providers.
I know, right? And it's not just small projects that still has SQL injection vulnerabilities; big companies are still making headlines with them. Here are some recent examples.
Managed services are a good thing overall but I wonder how many teams actually understand the strengths and weaknesses of outsourcing. Are they still thinking about security or just throwing it over the wall and assuming that their providing is doing whatever is required to keep their project safe?