I think it's partly the phrase "Security experts declare" which is likely to be what's rubbing people up the wrong way.
The security auditors themselves would never actually word it like that in their reports, because the statement implies a degree of certainty that cannot really exist.
Here's an example of what the auditor's actually said:
"Auditors identified two low-severity vulnerabilities. Additionally, five general recommendations were reported. At the same time, we confirm that no important security issues were identified during the pentest."
There's a reason that audit reports will never say outright that something is "secure". They may say something like "strong and effective security measures are in place", but that's a very different kind of statement.
I think the article itself is great but the headline just falls on the wrong side of being a bit hyperbolic and seems to be optimised for marketing impact over accuracy.
The security auditors themselves would never actually word it like that in their reports, because the statement implies a degree of certainty that cannot really exist.
Here's an example of what the auditor's actually said:
"Auditors identified two low-severity vulnerabilities. Additionally, five general recommendations were reported. At the same time, we confirm that no important security issues were identified during the pentest."
There's a reason that audit reports will never say outright that something is "secure". They may say something like "strong and effective security measures are in place", but that's a very different kind of statement.
I think the article itself is great but the headline just falls on the wrong side of being a bit hyperbolic and seems to be optimised for marketing impact over accuracy.