Hi All,
The NSA just published Software Memory Safety.
Memory issues in software comprise a large portion of the exploitable vulnerabilities in existence. NSA advises organizations to shift from programming languages that provide little or no inherent memory protection, such as C/C++, to a memory-safe language when possible. Some examples of memory-safe languages are C#, Go, Java, Ruby™, and Swift®. Memory-safe languages provide differing degrees of memory usage protections, so available code-hardening defenses, such as compiler options, tool analysis, and operating system configurations, should be used for their protections as well. By using memory-safe languages and available code-hardening defenses, many memory vulnerabilities can be prevented, mitigated, or made very difficult for cyber actors to exploit.
------------------------------
Michael Roza CPA, CISA, CIA, MBA, Exec MBA
------------------------------