Discussion about this post

User's avatar
John Allen's avatar

I get your point, but I'm really not sure that I agree.

Trying to do everything yourself without a huge team and endless resources is a risky strategy. You probably don't have the resources to track each and every threat vector and attack surface. Using vendors lets you benefit from their economies of scale, and you can supplant that with your own special sauce and deep knowledge of your threat and risk modeling...

I see that as a much more attractive solution, and it doesn't hurt that "no one ever got fired for buying IBM..."

Expand full comment

No posts