ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups

    Solarwinds Blames Intern for Laughable Password

    News
    solarwinds news security
    7
    10
    722
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmiller
      scottalanmiller last edited by

      https://gizmodo.com/solarwinds-officials-throw-intern-under-the-bus-for-so-1846373445

      1 Reply Last reply Reply Quote 0
      • scottalanmiller
        scottalanmiller last edited by

        So let me get this straight, the blame goes to an intern rather than the system admin who gave an intern this level of power?

        If a five year old crashes your car, the blame goes to the person that gave the five year old the keys.

        1 Reply Last reply Reply Quote 0
        • dbeato
          dbeato last edited by

          It is a cop out basically even though they look really bad.

          1 Reply Last reply Reply Quote 0
          • nadnerB
            nadnerB last edited by

            Wow, that was a bunch of fail. One of the worst responses I’ve ever seen.

            “The unsupervised intern with unnecessary access did it”

            scottalanmiller 1 Reply Last reply Reply Quote 0
            • gjacobse
              gjacobse last edited by

              It’s been a number of years now that it was possible to set minimum requirements for a password. There is no reason for this to have happened...

              That said- is it the Intern’s fault, or the person / team that sets forth that policy...

              1 Reply Last reply Reply Quote 0
              • IRJ
                IRJ last edited by

                They should be required to do audits and pen testing yearly due to requirements of government systems. It sounds like solar winds worked with pen testing firms that that just gave passing grades. Sometimes organizations purposely hire bad security talent so they don't get exposed as doing a bad job. Some security firms are just happy to get a big customer's pay check, especially when they just give a thumbs up with no work being done.

                scottalanmiller 1 Reply Last reply Reply Quote 3
                • scottalanmiller
                  scottalanmiller @nadnerB last edited by

                  @nadnerB said in Solarwinds Blames Intern for Laughable Password:

                  Wow, that was a bunch of fail. One of the worst responses I’ve ever seen.

                  “The unsupervised intern with unnecessary access did it”

                  Right... they write it as if the intern granted himself access. Why is no one talking about who was giving an intern all of this access!

                  1 Reply Last reply Reply Quote 0
                  • scottalanmiller
                    scottalanmiller @IRJ last edited by

                    @IRJ said in Solarwinds Blames Intern for Laughable Password:

                    They should be required to do audits and pen testing yearly due to requirements of government systems. It sounds like solar winds worked with pen testing firms that that just gave passing grades. Sometimes organizations purposely hire bad security talent so they don't get exposed as doing a bad job.

                    You mean like how the government hires Solarwinds?

                    DustinB3403 1 Reply Last reply Reply Quote 0
                    • DustinB3403
                      DustinB3403 @scottalanmiller last edited by

                      @scottalanmiller said in Solarwinds Blames Intern for Laughable Password:

                      @IRJ said in Solarwinds Blames Intern for Laughable Password:

                      They should be required to do audits and pen testing yearly due to requirements of government systems. It sounds like solar winds worked with pen testing firms that that just gave passing grades. Sometimes organizations purposely hire bad security talent so they don't get exposed as doing a bad job.

                      You mean like how the government hires Solarwinds?

                      I have a client that uses at least one solar wind product and I shudder....

                      scottalanmiller 1 Reply Last reply Reply Quote 1
                      • scottalanmiller
                        scottalanmiller @DustinB3403 last edited by

                        @DustinB3403 said in Solarwinds Blames Intern for Laughable Password:

                        @scottalanmiller said in Solarwinds Blames Intern for Laughable Password:

                        @IRJ said in Solarwinds Blames Intern for Laughable Password:

                        They should be required to do audits and pen testing yearly due to requirements of government systems. It sounds like solar winds worked with pen testing firms that that just gave passing grades. Sometimes organizations purposely hire bad security talent so they don't get exposed as doing a bad job.

                        You mean like how the government hires Solarwinds?

                        I have a client that uses at least one solar wind product and I shudder....

                        Me too.

                        1 Reply Last reply Reply Quote 1
                        • First post
                          Last post