Mitre’s D3FEND matrix documents ways to harden the network, detect and isolate threats, and deceive and evict attackers from your network. CSO can discuss these concepts with your software vendors and query them about their security processes. You might have influence on software choices, but you might not have the ability to influence the actual software coding. You can hire consultants to review your internal code projects to ensure that your applications are designed with security in mind. You might not be able to influence software choices.”]
Source: https://www.csoonline.com/article/3625228/best-mitre-d3fend-advice-to-harden-windows-networks.html