The AppSec Solutions team conducted a study of vulnerabilities in the development of Russian software and identified which aspects of code and programming languages are most at risk of cyberattacks.
The study was conducted on the basis of AppSec.Hub, during which DevSecOps metrics related to code flaws and data leak risks were analyzed. The analysis covered 98 development teams from various industries, including the financial sector, telecommunications, industry, and fuel and energy sector. Specialists studied more than 140 million lines of code to determine the main security risk density metrics, using weekly data on identified and uncorrected vulnerabilities.
The results of the analysis showed that programming languages have different levels of vulnerability risk. The highest risk density was recorded for software written in C# and Java. For example, C# had a median security risk density (SRD) of 4.58, which is the highest among all the analyzed languages. At the same time, the Go, Python, and SQL programming languages showed the lowest levels of risk.
Anton Basharin, Senior Managing Director at AppSec Solutions, noted that Java and C# are most vulnerable to attacks due to the many dependencies and the popularity of these languages among developers. In contrast, Go (Golang), developed by Google, is considered a more secure language due to its combination of speed and security, similar to C/C++, but with fewer opportunities for vulnerabilities.
Read materials on the topic:
Russia will entrust AI with the design of digital integrated circuits
Faster by tens of percent: Russian scientists have come up with a way to speed up microprocessors
Now on home
In the summer, the same drones monitored forest fires on 2.6 million hectares
A special climate chamber simulates a driving cycle at temperatures from -30 to +30 degrees
The application was submitted to Rospatent from Germany in September 2025
The products will be supplied to Russian and Belarusian manufacturers of agricultural machinery, electric motors and cars
The product is intended for the overhaul of the second unit of the Kaliningrad CHPP-2
The share of imported radio electronics in the Russian market is 74%, the project will help reduce dependence
After receiving the code, the attackers take possession of the victim's account
Chelyabinsk Radio Plant "Polet" delivered the equipment ahead of schedule
The development uses distributed microphones and allows determining the type of UAV by its acoustic signature
The database contains over 6,000 elastomer formulas and is constantly being updated
Russian-made aircraft were shown at Meiktila Airfield