Tales of Python Security
2022-07-15 , Liffey B

Security vulnerabilities receive huge publicity but also significant secrecy. In this session, we will walk through some of the biggest issues of the last few years from the perspective of a member of the Python Security Response Team. You'll learn how we work to protect all CPython users, how you can help, and how you can help protect yourself from malicious attackers.


In this session, you'll learn about recent security issues in CPython and the core parts of our ecosystem. You'll hear about the process by which they were filed, how they were reviewed, analysed, shared (when appropriate), resolved and ultimately disclosed to the public.

As well as real stories of security vulnerabilities, you'll learn how you can help by responsibly reporting potential issues, and how to protect yourself against common risks, as well as the best ways to find out about major issues and how to respond.


Expected audience expertise: Python:

none

Expected audience expertise: Domain:

some

Abstract as a tweet:

What happens when someone reports a security issue in Python? And what's the worst thing that's been reported? Join this session to hear all about it!

Steve is an engineer who tells people about Python and then gives them excuses to use it and great tools to use it with. He is a core developer and Windows expert for CPython, a member of the Python Security Response Team, and works at Microsoft as a roaming Python expert, making sure Python users are well supported across all their platforms.

This speaker also appears in: