Yes, absolutely. Oh, the amount of outdated software that your average corp runs is mind blowing. Not only that, but if you have a tight IT department, the amount of shadow IT that happens because of the too onerous processes put in place by IT will leave so much infrastructure that is critical but not managed correctly.
As a security professional, getting people to upgrade simple software is difficult enough, upgrading critical infrastructure used 24/7 by the development team... forget about it.
As a security professional, getting people to upgrade simple software is difficult enough, upgrading critical infrastructure used 24/7 by the development team... forget about it.