How MuleSoft patched a critical security flaw and avoided a disaster

Is this the example we would like all software vendors to follow?…:

[…] When ZDNet reached out to MuleSoft for comment, we were almost immediately pulled into a phone conference with MuleSoft Chief Technical Officer Uri Sarid and Salesforce Chief Trust Officer Jim Alkove within the hour, on a late Friday night, when most people had gone home.

They had a well-oiled machine running by that point, and some nosy reporter was about to ruin everything. Sarid and Alkove were afraid that a news article would bring unwanted attention to their company’s security flaw and could lead to attacks on some of their customers.

But instead of denying that anything was wrong, they took the time to explain the complex system they had in place to deal with this vulnerability, and by that point, it would have been irresponsible on ZDNet‘s part to publish.


Original Article