Defensive Design

Defensive design is the engineering practice of assuming that users will make mistakes, components will fail, and adversaries will attack — and building the system to absorb these events without catastrophic loss. It is the civilian cousin of fail-safe and graceful degradation, applied not to hardware failure modes but to human error, malicious input, and environmental unpredictability.

The principle appears across domains. In software, defensive design means validating every input, sanitizing every database query, and never trusting data from external sources — the origin of the maxim never