

Tackling the risk of cyber security attacks - ainsleyb
http://www.zdnet.com/news/tackling-the-risk-of-cyber-security-attacks/6224297

======
ainsleyb
It's a completely valid point that usually companies will do a single security
review and want it to last for a number of months, often a number of years.
Continuous monitoring is the only reasonable way to ensure adequate security
of a company's website; if new code is being written, new vulnerabilities are
bound to be written too.

Prioritizing vulnerabilities by which to conquer first and analyzing which
vulnerabilities will hurt you more quickly and hit you or your clients the
hardest is also interesting; it's something we (Tinfoil Security) already do,
but not something we see enough people think about.

