September 7th–9th 2010
Portland, Oregon

Log in or Sign Up

Pony Pwning

Intermediate / Talk
September 8th 10:30 a.m. – 11:10 a.m.
Django's awesomeness unfortunately doesn't make it impenetrable. This talk will cover common pitfalls of the Django developer as seen through the eyes of a hacker or malicious user.


Django is arguably the most secure web framework. The Django team have done an excellent job making secure-by-default decisions for our web applications in many situations. Still, the last mile in development is where the bulk of security vulnerabilities can be introduced and Django's powerful flexibility allows for plenty of rope for developers to hang themselves. Understanding the vulnerabilities that can be created by common mistakes or misconceptions and overlooked details in development will be useful for any Django user.