Learn how to build secure web applications using the flask framework. At the end of the talk, the audience should know what CSRF tokens and Cross-site request forgery attacks are and how to prevent them in their next web application, and should be educated on how to use Json Web Tokens (JWT) to securely transfer data over API requests and the consequences of not doing this well. Web security is not a thing taught by default in tutorials, and this ends up raising a generation of web developers building applications that are vulnerable to attacks taught to cyber security personnel in HACKER 101 courses. A lot of vulnerabilities exist in web apps we use and build everyday and when triggered can lead to destruction of businesses and loss of tons of money. Trust me, I’ve had experience with this and it’s not funny. The talk is aimed at the intermediate python developer who has experience using the flask framework to build web applications.