Over the years, FINN.no has been doing a lot of different security assessments: from the classical one test per release to regular on-site review and testing by security professionals, and more extensive bi-yearly tests.

Still, last year we discovered that the average lifetime of vulnerabilities found in production was higher than expected. The average lifetime was several years, and the outliers had been in production for a decade! We realized that the way we had done security testing did not keep up with all the changes in FINN.

The “release test” made sense back in the day when we had…

Emil Vaagland

code & infosec

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store