Almost everyone can develop in PHP; but really not everyone should do it. The same happens in Drupal; this is a really powerful and extensible CMS. Usually it's very safe; but; if you don't follow some basic security measures; it's really easy to transform your powerful and safe site into a collection of security holes.
Almost everyone can develop in Drupal; but it's not the same thing just development and performance focused development.
In this session; you'll learn some basic security and performance guidelines for making great Drupal developments; like:
- Never trust in the user
- Sanitize everything
- Create forms securely
- File management
- Safely impersonating another user
- No variable_set abusing
- Correct use of external APIs
- Correct Session use
- Debugging options only in dev environment
- Using cache
- and some other good practices

Many of these things are also applicable to Drupal 8