Dependencies: It’s Not Just Your Code You Need to Secure

Original article published by Cristián Rojas at Hackmetrix Blog

The EQUIFAX USA event of 2017 put a spotlight on an under-considered aspect of software security: it’s not just our code that we need to secure. The facts of the case are widely known, but its cause? Not so much. Little is said about the fact that this leak would not have taken place if the developers of the EQUIFAX application had upgraded their Apache Struts web framework to a more secure version.