Programming languages for more secure development

When starting a new development project, there are many choices to be made. These choices often have a large impact on both functional and non-functional aspects of the project. In this article, we consider the impact the choice of programming language has on the security of your project, and we want to plant the idea that the choice of programming environment can considerably improve the security of your system. Of course, depending on the kind of project, there are constraints, which we will also analyze.
The choice of programming language might seem like a strange topic, but the truth is that a competent development team can gain considerable leverage by using the right tools for development, and the programming language might be the most important tool of all.
Perhaps the most important consideration when choosing a language for security is whether the language is memory safe, or whether it leaves memory management and bounds checking to the programmer. Manual memory management is associated with a class of catastrophic vulnerabilities, such as buffer overflows, use-after-free and double-free bugs, that still remain among the most severe in all deployed software. For this reason, we recommend against using C, C++, assembly and Objective-C unless you really have no other choice. In most circumstances it is possible to use a language with better properties. For low-level programming, both Go and Rust have shown themselves to be very capable. If you are writing software for the Mac or the iPhone, you can choose Swift instead of Objective-C.
In some cases it is simply not possible to avoid low-level languages with dangerous features. In these cases there are patterns that minimize the risk of certain vulnerabilities. Each language has its own guide, but a typical example is how in C++ you can use smart pointers to implement the RAII pattern (Resource Acquisition Is Initialization), which ties the lifetime of memory to the scope of an object and so reduces the risk of memory leaks and of freeing the same memory twice. Another suggestion is to write the minimum possible in the low-level language and call that part from a higher-level language, so that the amount of code that must be reviewed for memory errors stays small.
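To make the RAII point concrete, here is an added example written for this article; it is not code from the original page or from any named project. The `Buffer` type, the hypothetical `parse_header` step and the helper names are assumptions chosen for illustration. The first function owns memory by hand and leaks it whenever the parse step throws; the second hands ownership to `std::unique_ptr`, so the destructor runs on every exit path, and ownership can only move, never be duplicated.

```cpp
// Added example: RAII with smart pointers versus manual ownership.
#include <cstddef>
#include <iostream>
#include <memory>
#include <stdexcept>
#include <string>
#include <utility>
#include <vector>

// A buffer that counts live instances so the effect of a leak is observable.
struct Buffer {
    static int live;            // number of Buffer objects currently alive
    std::vector<char> data;
    explicit Buffer(std::size_t n) : data(n, 0) { ++live; }
    ~Buffer() { --live; }
};
int Buffer::live = 0;

// Hypothetical parse step: rejects input that is too short by throwing.
std::size_t parse_header(const std::string& input) {
    if (input.size() < 4) throw std::invalid_argument("short input");
    return input.size();
}

// BEFORE: manual new/delete. The delete at the end never runs when
// parse_header throws, so the Buffer leaks on the error path.
std::size_t process_manual(const std::string& input) {
    Buffer* buf = new Buffer(64);
    std::size_t n = parse_header(input);   // may throw -> buf leaks
    buf->data[0] = input[0];
    delete buf;
    return n;
}

// AFTER: std::unique_ptr owns the Buffer. Whatever path leaves the
// function (return or exception), the destructor runs exactly once.
std::size_t process_raii(const std::string& input) {
    auto buf = std::make_unique<Buffer>(64);
    std::size_t n = parse_header(input);   // may throw -> buf is freed
    buf->data[0] = input[0];
    return n;
}

// unique_ptr also makes ownership transfer explicit: after std::move the
// source is empty, so the old owner cannot delete (or use) the object again.
bool transfer_leaves_source_empty() {
    auto a = std::make_unique<Buffer>(8);
    std::unique_ptr<Buffer> b = std::move(a);
    return a == nullptr && b != nullptr;
}

// Run fn on constructed bad input ("ab" is too short), swallow the
// exception and report how many Buffers are still alive afterwards.
template <typename Fn>
int leaked_after_failure(Fn fn) {
    Buffer::live = 0;
    try { fn("ab"); } catch (const std::invalid_argument&) {}
    return Buffer::live;
}

int main() {
    std::cout << "manual ownership, buffers leaked on error: "
              << leaked_after_failure(process_manual) << "\n";
    std::cout << "unique_ptr (RAII), buffers leaked on error: "
              << leaked_after_failure(process_raii) << "\n";
    std::cout << "ownership transfer leaves source empty: "
              << (transfer_leaves_source_empty() ? "yes" : "no") << "\n";
    return 0;
}
```

The leak shown here is the mild case; the same early exit in real code is often where a dangling pointer or a double delete is introduced when someone later "fixes" the leak by adding a second `delete`. With `unique_ptr` that second delete cannot be written, because the type has no copy constructor and the only way to hand the object on is `std::move`.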
When writing software for Android, it is possible to use C and C++ through the NDK, but it is not recommended. The default language for Android has been Java, but many companies are moving to Kotlin instead. The reason is that the code becomes more high level and, because Kotlin distinguishes nullable from non-nullable types, the compiler catches many null dereferences that Java would only report at runtime. Code that is easier to understand and reason about is also easier to check for doing the right thing.
A large amount of code is written for web systems and APIs of different kinds. This is one situation where companies have free rein: almost any programming language can be used for the purpose. But the choice still has implications for security. Perhaps the most common languages for this purpose are PHP and JavaScript, simply because it is very easy to get started with them. Many companies also already have developers who know JavaScript, since it is necessary for most websites, and they end up using it for the backend code as well.
PHP and JavaScript share another characteristic: they are weakly typed. Values are implicitly coerced between types, so a loose comparison between, say, a string and a number or boolean can succeed when the developer never intended it, and validation or authorization logic built on such comparisons can behave very unexpectedly (both languages offer strict comparison operators, and you should use them). PHP also has a range of features that make it easy to quickly build a dynamic website but very hard to write clean and maintainable code. A further problem with JavaScript is the amount of malicious code in its package repositories: it is far too easy to install a package that turns out to contain a backdoor, and each package pulls in its own tree of dependencies. If you must use npm, pin dependencies with a lockfile and review what you install. In general, we recommend against using PHP and JavaScript as much as possible.
Here at CAD, we are quite partial to Go. It is a reasonably low-level language that still has high-level features, which makes it easy to write simple, clean code that obviously does what it appears to do. The Go package ecosystem is mature, and the quality of both the standard library and third-party packages is high. The standard library also gives you access to good cryptographic implementations.
If you are working on low-level systems, nothing can beat Rust. Yes, it takes some time to get used to, but once you understand its ownership and borrowing rules, which the compiler uses to rule out use-after-free bugs and data races without a garbage collector, it is an extremely powerful environment that still makes it easy to write secure code.
And what about the other languages out there? Java? Python? Ruby? We certainly have our favourites, but all three have sufficient features to write secure code, and they all have decent libraries. So if your company already uses one of them, that is fine. Implement secure coding practices and think about the architecture of your system, and it should certainly be possible to write secure code.