More code results in more bugs. You need to throw money at software developers to build something, anything really. Only then do you hire a 3rd party pen-testing company for a few days. That's the way it works in our shop anyway. It's unfortunate, but sometimes the expected velocity to achieve MVP glosses over best security practices.
No comments yet.