The stuff they found were some big picture stuff but also little things like misconfigured drive encryption. So even if you do the right things it's good to have someone check that the right thing has been done right. This is way too specialized for the regular dev to stay up-to-date with.

i could totally see these. it's also easy to hack up some stuff to make it work, and then forgetting about it.

thanks for sharing.