
Equifax's IT team knew it hadn't patched web app vulnerability - rbanffy
https://www.grahamcluley.com/equifax-vulnerability-heads-roll/
======
slitaz
Then it is even more damning to the head of security if they knew about the
vulnerability. The ultimate person to decide whether a vulnerability is not to
be patched, is the head of security.

~~~
Arnt
There are two unstated assumptions here: 1) She had the organizational power
to order patching and rollout (which is more than the power to prevent a
rollout). 2) She didn't try.

You may be right. But.

