Twitter report and SRE
The Twitter Whistleblower Report given by Peiter “Mudge” Zatko makes horrifically fascinating reading.
You can read it here, all 84 pages.
It’s from August but highlights include:
* No SDLC or separate development environments
* Not possible to secure production environments
* No device management or backups
* No privileged access management/control