The term "We take security seriously" has almost become a joke. Every corporation or company throws it around. Recently on a vulnerability disclosure, a megacorp stated that very line but then proceeded to hide critical details and handle things poorly.<p>What is the sniff test for you when deciding if a company actually does in fact take security seriously?<p>Also, what companies are more progressive and are actively pushing security as a differentiator? I seem to remember a company recently that not only had 3rd party code audits performed but they even disclosed details of what the auditor found. I cannot however recall the name.<p>Thanks
It’s less effective these days but it used to be very easy just check if they offer an option for two factor login... if it’s otop or sms... beyond that not sure....