Google's transition to memory-safe languages like Rust has significantly reduced memory-safe vulnerabilities in Android, dropping from 76% to 24% in six years. This showcases the effectiveness of a secure-by-design approach.
According to Google's Jeff Vander Stoep and Alex Rebert, focusing on Safe Coding not only mitigates security risks but also enhances scalability and cost-effectiveness, leading to fewer vulnerabilities.
Vander Stoep and Rebert emphasize that 'the problem is overwhelmingly with new code,' highlighting the need for fundamental changes in code development to improve memory safety over time.
The decrease in memory safety vulnerabilities is attributed not only to safer code practices but also advancements in proactive tools like Clang sanitizers that replace traditional reactive patching methods.
[
Collection
]
[
|
...
]