Depending on how strongly you feel about the issue and how much support you can get from your internal application...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
team, you can make a public stink about your concerns. I know a lot of media outlets would jump at the chance to talk to an unsatisfied customer. That generates a lot of page views!
A somewhat less aggressive approach would be to work within your application vendor's user group. These are usually independent operations that produce newsletters, organize conferences and the like. You can network with other users to figure out if you are the only one that thinks it's a problem, and if not, then you can organize a mass movement to get the vendor's attention.
Short of that, you need to grin and bear it. Hopefully you'll also be able to make the case as to why your application teams should be consulting the security group before they commit significant time and resources in implementing insecure applications.
For more information:
Dig Deeper on Security vendor mergers and acquisitions
Related Q&A from Mike Rothman
The CISSP certification can be a challenge to obtain. Mike Rothman unveils how to get on the right education and career tracks in order to get CISSP ...continue reading
In the world of security certifications, what is the GISP and how alike is it to the CISSP? In this security management expert response, learn about ...continue reading
Depending on your enterprise, it may or may not be necessary to utilize a QSA. In this security management expert response, learn how to determine ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.