Non-technical readers may be surprised to learn that software defects are the most common root cause of information security vulnerabilities. Whether through poor design, improper coding techniques, inadequate testing, or incorporation of third-party software modules of dubious quality; in many cases the threat vector is baked in before users install the software.