Over the last couple of decades I have had all sort of different jobs. I have to count myself as rather fortunate for the experiences I have had along the way. They really went a long way to teach me some valuable lessons. Also, in some cases, they taught me how to hold my tongue.In one such job years ago, I was working on implementing a company wide vulnerability scanning platform. As you might imagine, especially if you have done this sort of project before, there was some land mines I had to contend with in due course.At this particular job there were all sorts of different business units who acted as individual fiefdoms and had little interest in having their system scanned by anyone. \u201cWe have a firewall, we\u2019re fine\u201d one team lead had grouched at me. \u201cWe have detection capabilities and we\u2019ll know if you scan our systems."I nodded politely and the second my office door closed I started the scan. It was already queued and ready to go before they walked into the room. Damn if those systems didn\u2019t light up like a fireworks display that could be seen from space. I found no less than three trivial remotely exploitable vulnerabilities. I sat back in my chair with my feet up. I sipped my coffee and waited.No one came running. No phone calls. No emails. Detective controls my arse.A couple days later I received a call from a \u201csecurity\u201d person who had been with the company for years in a different division. This person took the time to tell me their history and that they knew where all the bodies were buried. I nodded and waited patiently for them to arrive at their point. \u201cYou know, we don\u2019t scan certain teams servers because we have an understanding.\u201d And there it was. This person was trying to gently get me to not scan the aforementioned systems.This wasn\u2019t the surprising part. That came when this person said, \u201cWe only really ever scan up to port 1023 anyway.\u201d Suddenly there was a stabbing pain in my temple. Mostly due to the fact that the pen that had been in my hand was now planted there. \u201cI beg your pardon? Did I hear that correctly? What is the rationale for that decision?\u201dI bit my tongue at this point and waited as the taste of copper began to pervade. \u201cWell, those are the only registered ports accord to IANA. Anything using a port above 1024 is is not a system port and not permitted on the network.\u201d I was gobsmacked. I could forgive this if it was a non-technical person or someone junior but, this was a person who had been in their role for years.\u00a0\u201cI\u2019m afraid I\u2019m going have to agree to disagree with you on that point.\u201d We went back and forth for a while. Eventually I decided to scan systems regardless of this sort of nonsense despite the threats to \u201cgo over my head\u201d. I was not of a mind to play silly games while I was trying to help facilitate the business in a safe and secure fashion.This is the first of some of my old war stories that I\u2019ll be sharing this month on CSO. I hope that my pain can bring you some comfort that you are not alone.