Insecure Configuration

Why is this important?

Python and frameworks like Flask/Django are very popular. While they follow secure patterns by default, there are instances where they can be configured insecurely.

Fixing Insecure Configuration

Option A: Disable Flask Debug

  1. Go through the issues that GuardRails identified in the PR.
  2. Identify code with this pattern:

     # This would enable the Werkzeug debugger, which can be abused by attackers.

  3. Replace it with the following code:
  4. Test it
  5. Ship it 🚢
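As an added example (not GuardRails' own code), the check below does what step 2 asks for in an automated way: it parses Python source with the standard `ast` module and reports lines where Flask debug mode is hard-coded on, and it shows the hardened form where debug is off unless an environment variable enables it for local development. The two source samples, the `FLASK_DEBUG` variable name and the function names are constructed for this example.

```python
import ast
import os

# Constructed sample: the insecure pattern, debug mode hard-coded on.
INSECURE_SRC = """
from flask import Flask
app = Flask(__name__)
app.run(debug=True)
"""

# Constructed sample: the hardened form, debug off unless explicitly enabled locally.
HARDENED_SRC = """
import os
from flask import Flask
app = Flask(__name__)
app.run(debug=os.environ.get("FLASK_DEBUG") == "1")
"""


def find_hardcoded_debug(source: str) -> list[int]:
    """Return line numbers where Flask debug mode is a literal True.

    Catches both `app.run(debug=True)` and `app.debug = True`. A value read
    from the environment is a comparison, not a literal, so it is not reported.
    """
    hits = []
    for node in ast.walk(ast.parse(source)):
        # app.run(..., debug=True)
        if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute) and node.func.attr == "run":
            for kw in node.keywords:
                if kw.arg == "debug" and isinstance(kw.value, ast.Constant) and kw.value.value is True:
                    hits.append(node.lineno)
        # app.debug = True
        if isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant) and node.value.value is True:
            for target in node.targets:
                if isinstance(target, ast.Attribute) and target.attr == "debug":
                    hits.append(node.lineno)
    return hits


def debug_from_env(environ=None) -> bool:
    """Hardened default: debug is off unless FLASK_DEBUG is exactly "1"."""
    environ = os.environ if environ is None else environ
    return environ.get("FLASK_DEBUG") == "1"


if __name__ == "__main__":
    print("insecure sample:", find_hardcoded_debug(INSECURE_SRC))  # [4]
    print("hardened sample:", find_hardcoded_debug(HARDENED_SRC))  # []
```

Run it against a file from the PR to get the same line numbers the review comment points at; an empty list on the fixed file is the test for step 4.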

More information: