
Ask HN: How strict is your company on shipping code with known vulnerabilities? - badsecurity
How strict is your company about pushing out code with known security vulnerabilities?<p>How does that vary for internet facing apps vs. internal network only apps.<p>What is the balance of power like between the business people and security people?
======
chorse88
We have multiple teams who handle security at my company, they lease with our
teams to grade and find a solution that suits all parties including clients.

Our planning prioritises anything that is Security or compliance related and
patching those things is number 1 priority. You can’t ship good product if
you’re not in business

