Comment by threeseed

> Lots of government websites are vulnerable early on

Would like to see a source on this.

Governments are similar to large enterprises whereby every bit of code going into Production requires a full security, architecture and site reliability review.

There is no doubt bugs in bespoke web applications but for your typical website.