DeFi lending protocols seem to be picking up momentum, as the total value locked in DeFi contracts surpassed $1bn a couple of days ago. However, besides Maker (which forms pretty much the foundation other DeFi products build upon), most other dapps and platforms in the DeFi ecosystem may not be as secure as one would expect. Compound, for one, has a centralized element (admin keys), and vulnerabilities of varying severity have been detected time and again. Overall, before using a DeFi protocol or dapp, it's important to first check whether it has been security audited and to at least glance through the report. A user going by samczsun (you can check his website and blog here) has collected a number of bounties lately, making a name for himself by discovering contract code vulnerabilities and bugs.
Gauntlet is a recently launched project which works as a simulation platform for testing and building financial models of blockchain-based protocols and applications. Various forms of insurance against vulnerabilities, bugs and the like are also starting to appear. But it would seem that, at least insofar as mission-critical financial applications are concerned, systems such as Tezos and Cardano have gone about it the 'right' way. That is, building upon established functional programming languages (such as Haskell and OCaml) instead of choosing custom-built ones (like Solidity, as is the case with Ethereum), and making use of formal methods which verify and prove the mathematical correctness of the code before it is deployed on-chain.
Some of the dapps comprising the Ethereum DeFi ecosystem.