Hacker News new | past | comments | ask | show | jobs | submit login

Well yes, we're talking past each other then. I'm coming from a perspective where I get the space to actually perform risk assessment and where that actually matters. I don't need to comply with a needlessly highly regarded CVE database, nor do I have trouble communicating this. Furthermore, I still find value in vulnerability scanners - to a limited extent - because they allow me to automate manual work.

If you are working in a more political organization (that is not a value judgment - that often comes with organization scale) then other things influence you processes. I'm sorry, but that's not the perspective I take. That doesn't make my approach any more dangerous though - I think it's an appropriate perspective and I'm happy I can take it.

Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact