

The Great Software Sausage Factory in the Sky - anand-s
https://blog.srcclr.com/the-great-software-sausage-factory-in-the-sky/

======
jfdk
I really like the author's analogy to a "communal sausage." Working at a
company where our main backend is built on Rails / Ruby, security can always
be a bit scary (though it has gotten much better in recent history).

I'm fairly security ignorant, so maybe someone can enlighten me here, but why
is the statement "traditional security tools aren’t effective" true? What kind
of tools are we talking about? How would blackbox testing be different if the
underlying software is changed?

I can definitely see how lower-level parts of the infrastructure would need to
be tested differently, but I don't know what changes at the webapp-level.

