Most security software available today is reliable, coded securely, and supports most hardening techniques natively. But many companies inadvertently introduce vulnerabilities inadvertently through their own code. These vulnerabilities can be incredibly hard to mitigate, as it may require the outright removal of the security tool in question in order to remove the offending run-time environment or libraries. Ask things like:What additional software must be present on my servers or workstations in order for your tools to run properly? If not, when do you anticipate a version that does? What sort of relationship does your development team have with the vendors who write the runtime environments or software?”]
Source: https://www.csoonline.com/article/3164552/are-your-security-tools-secure-it-all-depends.html