Also: We at the Linux Foundation/Open Source Security Foundation (OpenSSF) have a free course on "Developing Secure Software (LFD121)", available here: https://training.linuxfoundation.org/training/developing-secure-software-lfd121/ If you complete the course you can earn a digital badge.
It's *definitely* possible to create more secure software than is often seen in the wild. However, there's much more to it than checking arguments in function calls. Input validation (from untrusted data) is a part of it, but only a part of it. Full disclosure: I'm the author of the LFD121 course. If you see an issue in it, let us know, or even better, submit a pull request. The learning content is CC-BY-4.0: https://github.com/ossf/secure-sw-dev-fundamentals --- David A. Wheeler
