Question for #Pentesters, #Developers and #ProductSecurityEngineers.
Scenario: If you have software which uses 100s of dependencies, there are no security issues reported but lots of dependencies are outdated and newer versions are available. Let's say sometimes versions are as old as 3-5 yrs.
This could be the software you are building or maintaining as an inheritance. This could be software you are testing. This could be software you were evaluating for your corporate environment.
Question: What's the most common excuse you have heard or have had for not upgrading the dependencies?
#InformationSecurity #applicationSecurity