F5, Inc. (“F5”) engaged NCC Group to perform (i) a security assessment of critical F5 software source code, including critical software components of the BIG-IP product, as provided by F5, and (ii) a review of portions of the software development build pipeline related to the same, and designated as critical by F5 (collectively, the “In-Scope Items”). NCC Group’s assessment included a source code security review by 76 consultants over a total of 551 person-days of effort.
Sure thing. It's so hard not to hate this PR stuff when they can't even be a tiny bit humble. "The hackers were so sophisticated and organized, we didn't even have a change! They could've hacked everyone!"
> In response to this incident, we are taking proactive measures to protect our customers
Such as, fixing the bugs or the structural problems that led to you being hacked and leaking information about even more bugs that you left undisclosed and just postponed to fix it? This wording sounds like they're now going the extra mile to protect their customers and makes it sound like a good thing, when keeping your systems secure and fixing known bugs should've been the first meters they should've gone.
Just be honest, you fucked up twice. It's shit, but it happens. I just hate PR.
Especially considering who they are, Agreed. There's not an ounce of empathy I have for them. They are a backbone of the internet and should know better.
