CISA’s guidelines can help you look for – and adopt – secure software from the get-go

Security built in from the start beats protection bolted on later

As a baseline, the companies you buy software from should support secure authentication: modern techniques from single sign-on (SSO) to multi-factor authentication (MFA), including phishing-resistant authentication. Most importantly, has the vendor removed default passwords from all of its product lines, or is it in the process of removing them and communicating that plan?

For years we have used software that is subject to vulnerabilities such as SQL injection, weak cryptography, and cross-site scripting (XSS), to name a few. Let’s push vendors to communicate clearly how they are working to eliminate the classes of defects in their software that make these attacks possible.
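As an added illustration (not from CISA’s guidance or this article), here is what eliminating a defect class means in code: the same user lookup and greeting written with the SQL-injection and XSS defects beside the hardened form. The table, names and probe value are constructed for the example.

```python
import html
import sqlite3

# Constructed in-memory table standing in for a product's user store.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user")])
    return conn

def find_user_unsafe(conn: sqlite3.Connection, name: str) -> list:
    # Defect class: untrusted input is concatenated into the SQL text, so the
    # input can change the query's structure instead of acting as a value.
    query = f"SELECT name, role FROM users WHERE name = '{name}'"
    return conn.execute(query).fetchall()

def find_user_safe(conn: sqlite3.Connection, name: str) -> list:
    # Parameterised query: the driver binds the value separately from the SQL,
    # so no input can alter the statement's structure. This removes the class.
    return conn.execute(
        "SELECT name, role FROM users WHERE name = ?", (name,)).fetchall()

def render_unsafe(name: str) -> str:
    # Defect class: raw data interpolated into HTML, so markup inside the data
    # is interpreted by the browser (cross-site scripting).
    return f"<p>Welcome, {name}</p>"

def render_safe(name: str) -> str:
    # Contextual output encoding: characters meaningful in HTML are escaped.
    return f"<p>Welcome, {html.escape(name)}</p>"

def demo() -> dict:
    # Constructed probe: a value that is data to the safe path but changes
    # the query structure on the unsafe path.
    conn = make_db()
    probe = "x' OR '1'='1"
    return {
        "unsafe_rows": len(find_user_unsafe(conn, probe)),  # every row leaks
        "safe_rows": len(find_user_safe(conn, probe)),      # no such user
        "safe_html": render_safe("<b>bob</b>"),
    }

if __name__ == "__main__":
    print(demo())
```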

Additionally, review whether your vendors plan to migrate to memory-safe languages such as Rust, Go, C#, Java, Swift, Python, and JavaScript. These languages prevent entire categories of memory-access bugs and so improve software security.
