How Do the Top Programming Languages Measure Up When it Comes to Security?
We all know that behind every developer is a beloved and often contentious programming language. In heated debates over which language is the best, the security card usually comes into play in support of one language or to discredit another. We decided to address this debate once and for all and put it to the test by taking a close look at seven of the most popular programming languages today to see which are the most secure.
Some developers and researchers claim that there is one language that is more or less secure than another, the truth is that there are many factors that go into choosing a programming language, and it’s up to us to make sure, when we use it, that we are doing everything we can to ensure our software project’s security.
The research below is based on WhiteSource’s comprehensive database which aggregates information on open source vulnerabilities from multiple sources like the National Vulnerability Database (NVD), security advisories, GitHub issue trackers, and popular open source projects issue trackers.
Of the 200+ languages that the database covers, we focused on open source security vulnerabilities in the seven most widely used languages over the past ten years to find out which programming languages are most secure, which vulnerability types (CWEs) are most common in each language, and why.
This is what we found…