Today, Patrick Craston, Principal Software Engineer, releases a blog post on how to build an insecure Django web application.
In the blog post, he argues that building web applications with a modern web framework like Django can alleviate security problems. Patrick shows how Django comes with a number of built-in features that not only help developers code more securely but actually make it really difficult to introduce some of the most common and most severe security vulnerabilities into a web application.
"It turns out that by trying to build an insecure application you actually learn a lot about web application security," says Patrick.