And to bring it back to security: Basically, going with a 3rd-party framework means that you’re hoping somebody else – either another programmer, or some company’s security team – can do a better job of it than you can. That might very well be the case given how little you know right now. So it’s your choice whether you want to spend time learning how to code all that yourself or learning just enough to know how to evaluate other vendors.