item 33539332 | 1 point | ewok94301 | 3 years ago
A few days ago we published a poll asking how much time it typically takes a developer to investigate an OSS vulnerability reported by an SCA tool.
About 70 people responded, a good mix of security and engineering. Here are some interesting insights.
24% reported it takes less than 2 hours
55% reported it takes more than a day
Most of the 24% were security, and most of the 55% were software engineers.
This started a somewhat...heated discussion on our internal Slack.
What do you think is the reason for the difference in perspective on this?
Leave your thoughts in the comments.