I can answer that because I do about the same.
Security related coding is done with security aware developers. They need to be trained for that.
In this particular case it is not about the tools perse - given FPC and MONO or even C++ - but about the programmers themselves.
In any language, a programmer that is not security aware can create security issues.
My recommendation would be:
- If you have a fixed team of developers, train them and train them with reputable teachers.
- If you don't, either hire such persons or outsource to a company with reputable reputation.
- Always do peer review on security essential code.
It is not a matter of the tool, but a matter of how to use that tool.
It is wrong if you do not allocate sufficient budget to do these things.
Security aware programmers tend to come at a premium. A huge premium(at least 50% extra, but usually 100% on top or more) . But in the end it will save you money and, more importantly, .... reputation.
I would recommend a CEH course, but a relevant CISSP would also be a recommendation when hiring people.
These are not directly related to coding, but are eye-openers for your team.
There are specialized international trainers for developers. (In private I can recommend some -not me, but the trainers that trained me -, but I am not an advertising company) Well worth the money.
Don't worry too much about the tool, worry about people.
In any case, Delphi, FPC and C# are less likely to shoot yourself in the foot compared to C++ if you can not affort to hire the proper people.
But then again, I am perfectly capable of shooting my toes off in any of the languages mentioned
That's a GOOD thing, btw, makes you more aware...