{"id":20239,"date":"2016-02-01T16:15:00","date_gmt":"2016-02-01T16:15:00","guid":{"rendered":"http:\/\/cloudcomputing.sys-con.com\/node\/3656620"},"modified":"2016-02-01T16:15:00","modified_gmt":"2016-02-01T16:15:00","slug":"why-appsec-vulnerabilities-are-dismissed-as-theoretical-or-false-by-codecurmudgeon-cloudexpo-cloud","status":"publish","type":"post","link":"https:\/\/icloud.pe\/blog\/why-appsec-vulnerabilities-are-dismissed-as-theoretical-or-false-by-codecurmudgeon-cloudexpo-cloud\/","title":{"rendered":"Why Appsec Vulnerabilities Are Dismissed as &#8216;Theoretical&#8217; or &#8216;False&#8217; By @CodeCurmudgeon | @CloudExpo #Cloud"},"content":{"rendered":"<p>In a previous post on theoretical Appsec vulnerabilities, I covered how &#8220;it&#8217;s theoretical&#8221; is misused by those who are trying to avoid fixing a security vulnerability or taking responsibility for it &#8211; for example, the Lenovo Superfish breach, Heartbleed, and airline wifi attacks.<\/p>\n<p>The idea that a vulnerability is merely theoretical is not only ignorant but dangerous. Software exploits occur because bad actors operate by finding unexpected loopholes in a software system. Think of it this way &#8211; if you left your door unlocked, is it a security issue? Or perhaps &#8220;If an unlocked door is never entered, is it really unlocked?&#8221; if you&#8217;re a philosopher. One could contend that the risk is theoretical, but most of us would say that such a statement is ridiculous.
(Props to those who live in an area where door security isn&#8217;t required.)<\/p>\n<p><a href=\"http:\/\/cloudcomputing.sys-con.com\/node\/3656620\" >read more<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In a previous post on theoretical Appsec vulnerabilities, I covered how &#8220;it&#8217;s theoretical&#8221; is misused by those who are trying to avoid fixing a security vulnerability or taking responsibility for it &#8211; for example, the Lenovo Superfish breach, Heartbleed,&#8230;<\/p>\n","protected":false},"author":143,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[],"class_list":["post-20239","post","type-post","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/20239","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/users\/143"}],"replies":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/comments?post=20239"}],"version-history":[{"count":3,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/20239\/revisions"}],"predecessor-version":[{"id":22044,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/20239\/revisions\/22044"}],"wp:attachment":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/media?parent=20239"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/categories?post=20239"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/tags?post=20239"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}