Defensive programming is a pessimistic approach to software development that assumes the worst-case scenario in every situation. It involves writing code that can handle invalid, unexpected, or malicious inputs, and prevents errors from cascading through the system, much like how Facebook's "move fast and break things" motto led to a bunch of privacy scandals and congressional hearings.

How to use it in a sentence

• "I know you want to ship this feature quickly, but we need to do some defensive programming to make sure our app doesn't end up on the front page of Hacker News for all the wrong reasons."

• "Sure, we could trust that the API will always return valid JSON, but let's add some defensive programming just in case, so we don't end up like that IoT pet feeder that starved thousands of cats when their server went down."

If you actually want to learn more...

• The Basics of Web Application Security - This article highlights the importance of security in modern web development and emphasizes basic practices that every developer should follow, like using defensive programming techniques to validate inputs and prevent injection attacks.

• Improve Your Programming Skills - This blog post offers practical advice for becoming a more effective software engineer, including studying code written by top engineers at your company to understand their defensive programming techniques and design decisions.

• A Guide to Threat Modelling for Developers - This guide provides simple steps for adopting threat modeling, a risk-based approach to designing secure systems that goes hand-in-hand with defensive programming practices.

Note: the Developer Dictionary is in Beta. Please direct feedback to skye@statsig.com.