— This post is part of a series of monthly blog posts about all kinds of Security topics for Developers —
Security experts, penetration testers, developers, administrators, and anyone else who creates or deploys software will often ask the question “Just how closely should I guard the version numbers of software and libraries that I use?”
Today, we are going to look at some answers to that question, and why we might choose one approach over another.
— This post is part of a series of blog posts about all kinds of Security topics for Developers —
Imagine the following: You set up your blog a while ago. Everything is running smoothly. You add a few plugins here and there to make managing it easier, and you are using a custom theme so it looks enticing to new visitors.
One day, on a routine check of the comments you received, you decide to investigate one comment a bit more closely since it contains a link. You don’t want to end up supporting spam messages, so you decide to click the link and see what it’s all about.