Why migrate from C and C++ to Rust?

By Matt Kulukundis, published December 15th, 2024

A brontosaurus working on a classic car. [Generated by Google Gemini]

At BrontoSource, we are language nerds with deep expertise in and fondness for C and C++.  Unfortunately, C and C++ are a major source of security vulnerabilities.  Their lack of memory safety causes 70% of security vulnerabilities across a wide range of codebases including Chrome, Android, and Microsoft.  This is in spite of Google’s tremendous investments in dynamic vulnerability tracing and detection techniques like sanitizers, memory tagging, and fuzz testing. Meanwhile, the Android project has observed a massive reduction in the number of new vulnerabilities discovered after shifting new development to Rust.

At the same time as practitioners see meaningful improvements to cybersecurity by shifting to Rust, the United States’s Cybersecurity & Infrastructure Security Agency (CISA) has been issuing ever more pressing directives to move away from C and C++.

CISA is now asserting that companies should have a memory safety roadmap as a standard best practice on par with following CVE procedures and updating dependencies with known security vulnerabilities.  The EU is passing similar cybersecurity rules with NIS2 starting to take effect already.

Until recently, there was no credible replacement for C and C++ in embedded and high-performance systems, but Rust has eliminated that gap.  Rust is now a supported language in the Linux kernel, with toolchains certified for automotive and industrial applications.

Rust is a high performance language capable of addressing cybersecurity risks, while simultaneously allowing for an incremental migration of large systems. BrontoSource provides tools and expertise to help you shift your codebase safely, incrementally, and automatically to Rust.


About the author

Matt Kulukundis

CEO, BrontoSource

Matt spent the past eleven years at Google where he led the Software Ecosystems organization as a Principal Engineer. During that time he designed language and library features for migration, as well as directly planning and executing multiple migrations of previously unapproachable difficulty. Rust's std::collections::HashMap is based directly on his work.
