Clojure is great for programming simple, elegant web applications. But is it possible to actually maintain a simple Clojure application without sacrificing web security? We may not be security experts, but we still need to protect our application against common attacks and take care of user authentication and authorization. Security should not be an afterthought but rather a fundamental part of the application architecture. This talk will cover basic principles to follow and introduce the main libraries available in the Clojure world for developing secure web applications.