Reply to post: The difference between good and bad security product

Security warning deluge from 'npm audit' is driving developers to distraction

Anonymous Coward
Anonymous Coward

The difference between good and bad security product

Is the bad one are pushing tons of errors without checking dependencies/applicability in the context.

This is not only true for products for SW, but also for infra/cloud products.

For infra/cloud, there are one or 2 that do elaborated links models between security issues, and rate them according to applicability.

Basically, red means you're already pwned already.

Rest should be analyzed carefully, minus the info that can be ignored.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021