So I have worked in Security my whole career. I worked in Vulnerability Management/penetration testing for a top Financial Service company as well.
To give you a bit of background, my job was to find vulnerabilities in our company's network (both internally and externally) and I would assist in remediating them. You ALWAYS make sure anything that touches the internet is squeaky clean.
From what I saw, if I had ever opened a server to the internet with the number of vulnerabilities these servers had (and these vulnerabilities were CRITICAL severity) I would be immediately fired.