When I see black hats exploiting gaps in security, I have to wonder, how the hell did someone find this?
Is there an algorithm? I would think the white hats would have the algorithms too?
Even in video games, how do they find such obscure holes in professional programming?
In: Technology
Every time someone closes a security hole, a new one is found. Even at companies, who do security well and try to seal every known exploit, new vulnerabilities are constantly being found.
Sometimes the company will find them before shipping the software. Some even have dedicated penetration teams. But sometimes they are found in the wild.
You cannot underestimate the tenacity of those who want to exploit your software and the creative ways they think to do so.
In many cases, companies don’t have dedicated security resources. Most programmers don’t learn much about security in school. Their job experiences won’t always teach them the right ways to do things. They may have never been in a high-risk environment and needed to think about security.
All that adds up to plenty of attack vectors.
Latest Answers