My goal is to promote good engineering and security practices, and to make it easy to adopt them and deploy them correctly. I feel that's one area that doesn't get enough attention. At the same time, it's the only direction that will actually improve things in the long run. Chasing vulnerabilities is a fact of life, but even if you could eradicate them from your software today, you're not going to be safer tomorrow.

To that end, Hardenize doesn't check for vulnerabilities. There's plenty of existing tools that do; I don't want to reinvent that wheel.