Security News > 2024 > March > White House Recommends Memory-Safe Programming Languages and Security-by-Design

A new White House report focuses on securing computing at the root of cyber attacks - in this case, reducing the attack surface with memory-safe programming languages like Python, Java and C# and promoting the creation of standardized measurements for software security.

Memory safety vulnerabilities a concern in programming languages.

The report's authors state there is no "Silver bullet" solution for every cybersecurity problem, though using programming languages with memory safety built in may reduce large numbers of possible types of cyberattacks.

The ONCD points out that C and C++ are very popular programming languages used in critical systems but are not memory safe.

Python, Java, C#, Go, Delphi/Object Pascal, Swift, Ruby, Rust and Ada are some memory-safe programming languages, according to an April 2023 NSA report.

The report states "It is critical to develop empirical metrics that measure the cybersecurity quality of software." This is a more difficult effort than switching to memory-safe programming languages; after all, the challenges and benefits of creating overarching metrics or tools to measure and evaluate software security have been discussed for decades.

News URL

https://www.techrepublic.com/article/white-house-report-memory-safe-programming-languages/