On a more serious note, management should be always careful when disclosing information about its security practices. After all it is a global information disclosure and should be carefully evaluated before releasing too much sensitive data that can leave the organization vulnerable. If you run this in parallel with software security, it is the classical info disclosure bug that exposes the inner workings of the application and can aid an attacker into further compromising it.
No comments:
Post a Comment