I, too, work for a Fortune 500. They're actually in the top 100. No idea how many employees, though.
Every instance I've encountered with an engineer having root/admin permissions has been a shitshow.
I just now encountered an instance of engineers bypassing policy by modifying sudoers to give a lower priv'd generic/shared account passwordless sudo to shit like /usr/bin/make.
The other project I was on, I had to fight with engineers about why having a firewall on your appliance doesn't negate the need to address code execution exploits behind the firewall. These aren't security-savvy individuals and they shouldn't ever be given administrative access to anything.
I'm glad you don't work for me, too; I can't stand leadership positions. I work in security and all I see are engineers fucking up daily, so I'm pretty jaded/biased at this point.