In most cases security is not a matter of adding anything in particular, but a matter of just not making specific types of mistakes.
In most cases security is not a matter of adding anything in particular, but a matter of just not making specific types of mistakes.
Maybe I'm being dumb but that reads very contradictory? I would say that security is explicitly a matter of adding particular things.