Every year since 2016, Rust has been voted the most loved or admired programming language in the Stack Overflow Survey, and when we look at the self-selecting Rust community, 30% say that Rust is used for the majority of their coding in the workplace.
With the addition of Rust to Checkmarx’ diverse programming language library for Software Application Security Testing (SAST), let’s look under the hood — what’s driving this growth?
What’s Behind the Growing Interest in Rust?
Rust is a programming language that puts an emphasis on safety, performance and efficiency. It was originally built as an alternative to C and C++, offering the security and stability of managed memory without compromising high performance.
As a statically-typed language, developers rely on Rust for more reliable builds because variable and expression types are checked at compile time, enhancing the detection of errors and memory safety overall. Using features such as ownership transfer and ownership-based concurrency time, Rust can prevent memory-related problems such as null pointer differences and buffer overflows.
As well as solving memory management issues, benefits of Rust include:
- High performance: Rust is just as fast as C and C++, without compromising on memory safety, making it the best of both worlds for developers.
- Flexibility: Developers can use Rust across a wide array of platforms, including Windows, Linux and macOS. This is perfect for teams that need portability.
- Backwards compatibility: A new version of Rust is released every six weeks, with backward compatibility designed as standard, alongside feature improvements.
- Concurrency: Rust’s ownership system supports concurrent programming to allow for controlled, simultaneous access without memory challenges.
- Zero-cost abstractions: Developers can use Rust to write high-level code abstractions without overheads related to runtime performance.
- Efficiency: Rust has been found to use half as much electricity as a similar program written in Java, offering huge savings over time.
- Community: Fans of Rust (or “Rustaceans” as they call themselves!) are in the millions, which means there are many resources and forums available for education.
What Do Developers Use Rust for?
Rust is best suited for performance-critical backend systems, in verticals where high-speed processing and low-latency is critical, such as Financial Services for example. Developers love Rust’s efficient resource utilization, thread safety, and intelligent error handling for these applications.
However, as a general purpose language, you can really do anything with Rust. The original purpose of its creation was to solve an issue with an operating system, so it’s perfect for working on OS or OS-adjacent code, as well as drivers, kernels, or other low-level components. As Rust’s popularity grows, so do compatible web frameworks that allow developers to use the language to build secure web applications. Rust is often used for cryptocurrency and blockchain thanks to its speed and memory management, as well as Command Line Interface applications, embedded systems, and IoT.
Real world examples of Rust in the wild are plentiful. To name just a few, Coursera uses Rust for its online grading system, Dropbox leverages Rust for its file synchronization, and Figma leverages its concurrency for its multiplayer syncing engine to enable collaborative design work. As founding members of the Rust foundation, Microsoft has rewritten many of its core libraries using Rust, and AWS relies on it heavily for services including S3, Firecracker, and Nitro.
Meeting Developers Where They Are
In the application security world, it’s critical to continue to support developers by keeping a finger on the pulse of the industry to measure growing trends and following interest in new languages, adapting and expanding as necessary.
There’s no doubt that the growing love for Rust is related to developers’ drive for flexibility and autonomy over how they work, and we’re delighted to offer support for Rust scanning in Checkmarx One’s Software Application Security Testing (SAST).
At Checkmarx, we’re known for our rich support of programming languages, including outliers such as Dart and Flutter, languages like Lua which are primarily used for niche reasons like embedded applications, as well as older languages like Cobol and RPG. Altogether, with the new addition of Rust, you can use our SAST scanner across 31 programming languages!
More than the sheer number of languages we support however, we love the Rust mindset — core values of security and stability, with the opportunity to innovate at speed. This truly speaks to us.
Our ethos is not to shy away from more exotic or underused languages, and not to force developers to fit into our box, instead providing support for our customers with the tools and processes they use, and the way they work.
