Ask HN: Resources for learning Defensive Programming

After reading the top comment on this article:

https://news.ycombinator.com/item?id=10969843

I was wondering if anyone can point me towards some good resources that teach the philosophy of defensive programming. I say philosophy, because I already know about some sites that talk about security (OWASP, etc...). But I am intrigued about the idea of defensive programming.

The reason I am asking is because I am working on a mobile app with a conjoined website, (python stack through and through :) and I am horrified by the mistakes I see people make and would like to avoid the more common ones.

<rant> As an aside, I would like to see the security community do a little outreach to conscientious devs about implementing security besides from the tired "security is hard" and "Don't roll your own". I understand the 2nd one, and take it to heart, but the first one doesn't help man nor beast. Yes, it's hard, now what do I have to do to be as safe as possible? </rant>