zlacker

[parent] [thread] 1 comments
1. uw_rob+(OP)[view] [source] 2022-07-26 06:07:59
When it comes to security someone must always sleep with one eye open - co-owning this responsibility is totally reasonable. Microsoft takes security seriously and is investing heavily in it; if they are already in your orgs trust boundaries I see no reason why they wouldn't be considered good stewards for this as well.

Besides, at enterprise scale, how do you trust internal teams? It could all be security theater and they aren't delivering on their promises as well.

replies(1): >>sofixa+z6
2. sofixa+z6[view] [source] 2022-07-26 07:07:57
>>uw_rob+(OP)
> Microsoft takes security seriously and is investing heavily in it

Some parts of it maybe do. Some others, like multiple different Azure teams, don't even think about anything resembling security, or there wouldn't have been multiple critical and trivially exploitable security vulnerabilities on Azure in the last year only. (If you don't know them, please read up on them. Security is hard, but in those cases nobody even pretended to try!)

[go to top]