Django security against OWASP top 10
10-21, 16:00–16:25 (Europe/Stockholm), Software

Video link: https://youtu.be/lWfJfviWIBU

The OWASP Top 10 is a reference document outlining the 10 most critical security concerns for web applications. In this talk, we will see how Django's underlying security features protect it against the OWASP Top 10 vulnerabilities, ranging from SQL injection attacks to authentication and CSRF. It is one of the most complex yet interesting topics in Django, and it is part of what makes Django an extremely powerful web framework.


As a web developer, using a framework that guarantees security is always great, but it’s even better to assess the vulnerabilities involved while building your application and to know how to protect yourself from them. The Open Web Application Security Project (OWASP) is an online community that publishes the top 10 vulnerabilities in web application security, based on what security experts see while performing penetration testing. These vulnerabilities range from SQL injection attacks to authentication and CSRF. Django was built to minimize those security risks and to give developers the ability to avoid and reduce those vulnerabilities themselves by following better practices. It offers many security-minded functions right out of the box, without sacrificing ease of development or integration with both front-end and back-end components.

We will share what we have learned so far and encourage you to try it with your own projects. We'll walk through a simple example, with screenshots and code wherever required.

Pratibha is an enthusiastic Pythonista, passionate about coding and books. Through her PyCon talks, she loves to explore and share the new things she learns in Python and Django.