Here I think that the object complement "endpoints" in the sentence "Developers tend to trust and not verify the endpoints [,,,]" is wrong, the problem is not trusting and not-verifying the developer's endpoint, but trusting and not-verifying the interactions with the external parties.
Here I think that the object complement "endpoints" in the sentence "Developers tend to trust and not verify the endpoints [,,,]" is wrong, the problem is not trusting and not-verifying the developer's endpoint, but trusting and not-verifying the interactions with the external parties.