Solarwinds Blames Intern for Laughable Password
-
-
So let me get this straight, the blame goes to an intern rather than the system admin who gave an intern this level of power?
If a five year old crashes your car, the blame goes to the person that gave the five year old the keys.
-
It is a cop out basically even though they look really bad.
-
Wow, that was a bunch of fail. One of the worst responses I’ve ever seen.
“The unsupervised intern with unnecessary access did it”
-
It’s been a number of years now that it was possible to set minimum requirements for a password. There is no reason for this to have happened...
That said- is it the Intern’s fault, or the person / team that sets forth that policy...
-
They should be required to do audits and pen testing yearly due to requirements of government systems. It sounds like solar winds worked with pen testing firms that that just gave passing grades. Sometimes organizations purposely hire bad security talent so they don't get exposed as doing a bad job. Some security firms are just happy to get a big customer's pay check, especially when they just give a thumbs up with no work being done.
-
@nadnerB said in Solarwinds Blames Intern for Laughable Password:
Wow, that was a bunch of fail. One of the worst responses I’ve ever seen.
“The unsupervised intern with unnecessary access did it”
Right... they write it as if the intern granted himself access. Why is no one talking about who was giving an intern all of this access!
-
@IRJ said in Solarwinds Blames Intern for Laughable Password:
They should be required to do audits and pen testing yearly due to requirements of government systems. It sounds like solar winds worked with pen testing firms that that just gave passing grades. Sometimes organizations purposely hire bad security talent so they don't get exposed as doing a bad job.
You mean like how the government hires Solarwinds?
-
@scottalanmiller said in Solarwinds Blames Intern for Laughable Password:
@IRJ said in Solarwinds Blames Intern for Laughable Password:
They should be required to do audits and pen testing yearly due to requirements of government systems. It sounds like solar winds worked with pen testing firms that that just gave passing grades. Sometimes organizations purposely hire bad security talent so they don't get exposed as doing a bad job.
You mean like how the government hires Solarwinds?
I have a client that uses at least one solar wind product and I shudder....
-
@DustinB3403 said in Solarwinds Blames Intern for Laughable Password:
@scottalanmiller said in Solarwinds Blames Intern for Laughable Password:
@IRJ said in Solarwinds Blames Intern for Laughable Password:
They should be required to do audits and pen testing yearly due to requirements of government systems. It sounds like solar winds worked with pen testing firms that that just gave passing grades. Sometimes organizations purposely hire bad security talent so they don't get exposed as doing a bad job.
You mean like how the government hires Solarwinds?
I have a client that uses at least one solar wind product and I shudder....
Me too.