There once was a Drupal module who wanted so badly to have a stable release, but they were insecure. As a useful and promising module to the Drupal community, they were so afraid that poor coding standards and lack of community reviews could lead to XSS, information disclosure, sql injection, and other vulnerabilities for their users.
The Drupal community is one of sharing and support. As a result, the module in this story takes the opportunity to learn and grow from the lessons of other modules and contributors to become much more secure and confident. The module becomes capable of being promoted to a full project and having a stable release. The community rejoices!
Come take a journey through this module's security audit and how their developer resolved each and every finding, following Drupal best practices for writing secure code.
Related drupal.org Security Examples sandbox
https://www.drupal.org/sandbox/shrop/2821723
Presented at Drupalcamp Atlanta 2016
http://drupalcampatlanta.com/2016/sessions/story-insecure-module