Enterprise applications pose tempting targets to developers, IT admins, and other insiders with the technical know-how to tamper with code
When most security pros think about application security, the first goal that usually comes to mind is finding and remediating flaws in development and production. But what if the bugs put in place are no accident? What if they're planted there on purpose by someone in the organization who knows where to hide them?
Read the rest here: https://www.darkreading.com/risk/taking-steps-to-stop-software-sabotage/d/d-id/1139518