Comment by pjmlp
2 hours ago
I fully agree with you.
I think large majority on HN works in cool startups without IT rules that could even cost their job when failing security assessments.
Another one, there is no cowboy instalation of dependencies, the CI/CD servers can only talk to internal nexus, jfrog,...
Yeah, that's pretty clear. There's a comment saying that just managing PCs is risky. I don't think most people here understand how 1000s of devices are managed in larger companies and the damage an average non technical user is capable of if just left to their own devices.