Literally this. For the most part this part of the industry is a fraud. They just run scanning tools and hand out pdf reports. Eventually some dev or ops team will say the reasons why they currently can’t comply and the cycle will start again in 6 months.

They literally do nothing and don’t even have to help integrate the security fixes. They just give reports. A sweet gig if you can get it. People rarely want to cut “security.”



Won't they be on the hook if there is a breach?


These companies carry Errors and Omissions insurance.
