NG
Uploaded byNyarai Tinashe Gomiwa
PPTX, PDF472 views

Code - Fu: Defensive Programming

Defensive programming aims to anticipate failure points and improve software quality by making code more reliable, maintainable, and robust. It involves programming with the assumption that things can go wrong in the real world where software interacts with users and external systems. Defensive practices include validating external input, writing code with teams in mind through standards and modularity, adding error handling and logging, and assuming other developers' code could contain bugs. The goal is to create programs that work as intended and are protected from invalid or malicious data.

Embed presentation

Download to read offline
Code - Fu: Defensive Programming With great power comes great responsibility ~ Peter Paker’s Dad’s Brother Ben
1980 A radiation therapy machine was directly responsible for at least 5 patient deaths 1996 A US$1 billion exploded 40 seconds after takeoff 2012 Apple Maps gives us directions to nowhere 2016 ABSA bank double charges clients Why learn another design pattern? Because: BUGS!
Intro to Code-Fu Defensive programming, simply put, is programming with the intent to anticipate likely failure points. Defensive programming practices are often used where high reliability, safety or security is needed.
Intro to Code-Fu cont... Defensive programming aims to improve software and source code, in terms of: 1. General quality (reduce bugs) 2. Comprehensive code a. Clean b. Readable c. Understandable d. Reliable e. Maintainable f. Testable g. Robustness 3. Predictable behaviour
Mastering the ways of Code-Fu Defensive programming is really programming for the real world where if anything can go wrong it will.
Real world programs 1. Are not in isolation, you can expect user input or external input 1. Are built & maintained by teams and the individuals making the team can change over time (imagine open source projects) 1. Need to work
External/User input ● Never trust external/user input ● Remember there are also users with malicious intent What helps ● Protect your code from invalid data (data validation) ● User whitelists not blacklists ● Use database abstraction (e.g. PDO for PHP)
We work in Teams ● Trust your fellow developers but DON’T trust their code ● Defensive Programming is much like Defensive Driving assume that everyone around us can potentially and possibly make mistakes. ● Teams can consists of individuals working from different planets What helps ● Enforcing coding standards (naming conversions included) ● Write SOLID code (Encapsulation) ● Write code for the maintainer (The maintainer can be future you) ● Parameter checks at the beginning of a function/method ● Unit tests, Regression testing, Integration tests
Bad programming // ES5
Check params + Encapsulation // ES5
Programs need to work ● Imagine paying R200 per month for Software that works 30% of the time What helps ● Add diagnostic code, logging and tracing (Bugsnag/Sentry) ● Security tests
As a Defensive programmer you need to have a healthy dosage of paranoia
Too much Paranoia
Good/Bad?
QUESTIONS?

More Related Content

PPTX
Code - Fu: Defensive Programming
bySovTech (Scrums.com)
 
PDF
Engineering & security
byKaushal Parikh
 
PDF
The pragmatic programmer
byJoel Corrêa
 
PDF
Exception handling in Ruby
byAmit Patel
 
PDF
Some Myths in Software Development
bybryanbibat
 
PPTX
Cs2 Ch1
byReynolds SD
 
PPTX
Introduction to software Engineering
byMohamed Gaafar
 
PPTX
Software construction and development.pptx
byFaizanAli393009
 
Code - Fu: Defensive Programming
bySovTech (Scrums.com)
 
Engineering & security
byKaushal Parikh
 
The pragmatic programmer
byJoel Corrêa
 
Exception handling in Ruby
byAmit Patel
 
Some Myths in Software Development
bybryanbibat
 
Cs2 Ch1
byReynolds SD
 
Introduction to software Engineering
byMohamed Gaafar
 
Software construction and development.pptx
byFaizanAli393009
 

Similar to Code - Fu: Defensive Programming

PPTX
1606125427-week8.pptx
bySumbalIlyas1
 
PPTX
Defensive programming
byMark Reynolds
 
PDF
Defensive Coding Crash Course
byMark Niebergall
 
PPTX
Eirtight writing secure code
byKieran Dundon
 
PDF
Defensive Coding Crash Course Tutorial
byMark Niebergall
 
PDF
Defensive Coding Crash Course - ZendCon 2017
byMark Niebergall
 
PPTX
secure coding techniques unit-iii material
bySri Latha
 
DOCX
Defensive coding practices is one of the most critical proactive s
byLinaCovington707
 
PPTX
Developing Better Software
byHean Hong Leong
 
PPTX
An Introduction To Software Development - Implementation
byBlue Elephant Consulting
 
PDF
OWASP Secure Coding Quick Reference Guide
byAryan G
 
PDF
Why Data Security Should Be a Priority in Your Software Development Strategy?
byMars Devs
 
PPTX
Best Practices for Embedding Security in the Development Stage
byCovrize IT Solutions Private Limited
 
PPTX
07 fse implementation
byMohesh Chandran
 
PDF
Secure Coding Practices Every Developer Should Know.pdf
byZohaib Rizwan
 
PDF
Fixing security by fixing software development
byNick Galbreath
 
PDF
Linux Commands, C, C++, Java and Python Exercises For Beginners
byManjunath.R -
 
PDF
App sec and quality london - may 2016 - v0.5
byDinis Cruz
 
PPTX
LOW LEVEL DESIGN INSPECTION SECURE CODING
bySri Latha
 
PDF
Designing software with security in mind?
byOmegapoint Academy
 
1606125427-week8.pptx
bySumbalIlyas1
 
Defensive programming
byMark Reynolds
 
Defensive Coding Crash Course
byMark Niebergall
 
Eirtight writing secure code
byKieran Dundon
 
Defensive Coding Crash Course Tutorial
byMark Niebergall
 
Defensive Coding Crash Course - ZendCon 2017
byMark Niebergall
 
secure coding techniques unit-iii material
bySri Latha
 
Defensive coding practices is one of the most critical proactive s
byLinaCovington707
 
Developing Better Software
byHean Hong Leong
 
An Introduction To Software Development - Implementation
byBlue Elephant Consulting
 
OWASP Secure Coding Quick Reference Guide
byAryan G
 
Why Data Security Should Be a Priority in Your Software Development Strategy?
byMars Devs
 
Best Practices for Embedding Security in the Development Stage
byCovrize IT Solutions Private Limited
 
07 fse implementation
byMohesh Chandran
 
Secure Coding Practices Every Developer Should Know.pdf
byZohaib Rizwan
 
Fixing security by fixing software development
byNick Galbreath
 
Linux Commands, C, C++, Java and Python Exercises For Beginners
byManjunath.R -
 
App sec and quality london - may 2016 - v0.5
byDinis Cruz
 
LOW LEVEL DESIGN INSPECTION SECURE CODING
bySri Latha
 
Designing software with security in mind?
byOmegapoint Academy
 

Recently uploaded

PDF
GET /Ready How to master being a Master of Ceremonies (MC)
byImma Valls Bernaus
 
PDF
The Ultimate Guide to Real Estate Tokenization Platforms
byDaniel Smith
 
PDF
eresource Xcel ERP for Maunfacturing - Best Manufacturing ERP for SME
byeresource Infotech Pvt.Ltd
 
PPTX
How CFD Simulations Support Sustainable Data Center Design Optimization
byWeb Synergies
 
PDF
Versnel innovatie met GitHub Enterprise - Rick Smit GitHub
byDelta-N
 
PDF
ACE Aarhus February 2026: Atlassian news
byDanielEriksen5
 
PPTX
Prime Teams – Real-Time Employee Monitoring & Project Management Software
byPrime Teams
 
PDF
What is a stablecoin and business adoption in 2026.pdf
bymeerasingh12189
 
PDF
Jira, Powered by Enterprise-Grade Intelligence from NeoroTalks.pdf
byNeoro Talks
 
PDF
Ready, Set, REST! Introducing MySQL's Built-In REST Service
byMiguel Araújo
 
PDF
Building with AI using Local & Cloud-based AI IDE: Evaluation-Driven Developm...
byKunal Suri
 
PDF
Ontwikkel sneller en veiliger met GitHub Copilot
byDelta-N
 
PDF
Powering Spring AI with Model Context Protocol Integration
byJuarez Junior
 
PDF
openstack_operations_slides_version1.3_pp.pdf
byssuser47d511
 
PPTX
‘Analyzing Application Logs Using AI’ Webinar
byTier1 app
 
PDF
Build Modern Applications with Amazon Aurora DSQL- AWS User Group Bonn 2026
byVadym Kazulkin
 
PDF
Routing Guidelines: Unlocking Smarter Query Routing in MySQL Architectures
byMiguel Araújo
 
PDF
Supercharging Grafana with Community Plugins
byImma Valls Bernaus
 
PDF
Prompt Engineering vs Content Engineering vs RAG.pdf
byVineet Sharma
 
PDF
Langchain4J – An Introduction for Impatient Developers
byJuarez Junior
 
GET /Ready How to master being a Master of Ceremonies (MC)
byImma Valls Bernaus
 
The Ultimate Guide to Real Estate Tokenization Platforms
byDaniel Smith
 
eresource Xcel ERP for Maunfacturing - Best Manufacturing ERP for SME
byeresource Infotech Pvt.Ltd
 
How CFD Simulations Support Sustainable Data Center Design Optimization
byWeb Synergies
 
Versnel innovatie met GitHub Enterprise - Rick Smit GitHub
byDelta-N
 
ACE Aarhus February 2026: Atlassian news
byDanielEriksen5
 
Prime Teams – Real-Time Employee Monitoring & Project Management Software
byPrime Teams
 
What is a stablecoin and business adoption in 2026.pdf
bymeerasingh12189
 
Jira, Powered by Enterprise-Grade Intelligence from NeoroTalks.pdf
byNeoro Talks
 
Ready, Set, REST! Introducing MySQL's Built-In REST Service
byMiguel Araújo
 
Building with AI using Local & Cloud-based AI IDE: Evaluation-Driven Developm...
byKunal Suri
 
Ontwikkel sneller en veiliger met GitHub Copilot
byDelta-N
 
Powering Spring AI with Model Context Protocol Integration
byJuarez Junior
 
openstack_operations_slides_version1.3_pp.pdf
byssuser47d511
 
‘Analyzing Application Logs Using AI’ Webinar
byTier1 app
 
Build Modern Applications with Amazon Aurora DSQL- AWS User Group Bonn 2026
byVadym Kazulkin
 
Routing Guidelines: Unlocking Smarter Query Routing in MySQL Architectures
byMiguel Araújo
 
Supercharging Grafana with Community Plugins
byImma Valls Bernaus
 
Prompt Engineering vs Content Engineering vs RAG.pdf
byVineet Sharma
 
Langchain4J – An Introduction for Impatient Developers
byJuarez Junior
 

Code - Fu: Defensive Programming

  • 1.
    Code - Fu: DefensiveProgramming With great power comes great responsibility ~ Peter Paker’s Dad’s Brother Ben
  • 2.
    1980 A radiation therapymachine was directly responsible for at least 5 patient deaths 1996 A US$1 billion exploded 40 seconds after takeoff 2012 Apple Maps gives us directions to nowhere 2016 ABSA bank double charges clients Why learn another design pattern? Because: BUGS!
  • 3.
    Intro to Code-Fu Defensiveprogramming, simply put, is programming with the intent to anticipate likely failure points. Defensive programming practices are often used where high reliability, safety or security is needed.
  • 4.
    Intro to Code-Fucont... Defensive programming aims to improve software and source code, in terms of: 1. General quality (reduce bugs) 2. Comprehensive code a. Clean b. Readable c. Understandable d. Reliable e. Maintainable f. Testable g. Robustness 3. Predictable behaviour
  • 5.
    Mastering the ways ofCode-Fu Defensive programming is really programming for the real world where if anything can go wrong it will.
  • 6.
    Real world programs 1.Are not in isolation, you can expect user input or external input 1. Are built & maintained by teams and the individuals making the team can change over time (imagine open source projects) 1. Need to work
  • 7.
    External/User input ● Nevertrust external/user input ● Remember there are also users with malicious intent What helps ● Protect your code from invalid data (data validation) ● User whitelists not blacklists ● Use database abstraction (e.g. PDO for PHP)
  • 8.
    We work inTeams ● Trust your fellow developers but DON’T trust their code ● Defensive Programming is much like Defensive Driving assume that everyone around us can potentially and possibly make mistakes. ● Teams can consists of individuals working from different planets What helps ● Enforcing coding standards (naming conversions included) ● Write SOLID code (Encapsulation) ● Write code for the maintainer (The maintainer can be future you) ● Parameter checks at the beginning of a function/method ● Unit tests, Regression testing, Integration tests
  • 9.
  • 10.
    Check params +Encapsulation // ES5
  • 11.
    Programs need towork ● Imagine paying R200 per month for Software that works 30% of the time What helps ● Add diagnostic code, logging and tracing (Bugsnag/Sentry) ● Security tests
  • 12.
    As a Defensiveprogrammer you need to have a healthy dosage of paranoia
  • 13.
  • 14.
  • 15.