The AppSec Solutions team conducted a study of vulnerabilities in the development of Russian software and identified which aspects of code and programming languages are most at risk of cyberattacks.
The study was conducted on the basis of AppSec.Hub, during which DevSecOps metrics related to code flaws and data leak risks were analyzed. The analysis covered 98 development teams from various industries, including the financial sector, telecommunications, industry, and fuel and energy sector. Specialists studied more than 140 million lines of code to determine the main security risk density metrics, using weekly data on identified and uncorrected vulnerabilities.
The results of the analysis showed that programming languages have different levels of vulnerability risk. The highest risk density was recorded for software written in C# and Java. For example, C# had a median security risk density (SRD) of 4.58, which is the highest among all the analyzed languages. At the same time, the Go, Python, and SQL programming languages showed the lowest levels of risk.
Anton Basharin, Senior Managing Director at AppSec Solutions, noted that Java and C# are most vulnerable to attacks due to the many dependencies and the popularity of these languages among developers. In contrast, Go (Golang), developed by Google, is considered a more secure language due to its combination of speed and security, similar to C/C++, but with fewer opportunities for vulnerabilities.
Read materials on the topic:
Russia will entrust AI with the design of digital integrated circuits
Faster by tens of percent: Russian scientists have come up with a way to speed up microprocessors
Now on home
The complex is designed for setting up smoke screens
Candidates are entitled to determine the content and form of the election campaign themselves, the CEC explained
Modernization and equipment upgrades have made the old reactors more resistant to accidents
The company announced a tender, and the work must be completed by April 30, 2027
The development of the SITC of the Ministry of Transport will determine flood zones and risks for traffic in real time
Energy workers checked the generator for turning gear operation
The aircraft continues to carry passengers and participates in supersonic technology testing
Almost half of Russian citizens have felt the impact of neural networks on their memory, attention, and thinking
The vehicle with ADR approval is equipped with a 482 hp engine and a robotic transmission
Strongbox will equip the interiors of the helicopter carriers Vasily Trushin and Vladimir Andreev
FSB prevented illegal export of technologies in St. Petersburg