Tales of Python Security

Room:: Liffey B
Start (Dublin time):: 11:20 on 15 July 2022
Start (your time):: 10:20 on 15 July 2022
Duration:: 30 minutes

Abstract

Security vulnerabilities receive huge publicity but also significant secrecy. In this session, we will walk through some of the biggest issues of the last few years from the perspective of a member of the Python Security Response Team. You'll learn how we work to protect all CPython users, how you can help, and how you can help protect yourself from malicious attackers.

TalkSecurity

Description

In this session, you'll learn about recent security issues in CPython and the core parts of our ecosystem. You'll hear about the process by which they were filed, how they were reviewed, analysed, shared (when appropriate), resolved and ultimately disclosed to the public.

As well as real stories of security vulnerabilities, you'll learn how you can help by responsibly reporting potential issues, and how to protect yourself against common risks, as well as the best ways to find out about major issues and how to respond.

The speaker

Steve Dower

Steve is an engineer who tells people about Python and then gives them excuses to use it and great tools to use it with. He is a core developer and Windows expert for CPython, a member of the Python Security Response Team, and works at Microsoft as a roaming Python expert, making sure Python users are well supported across all their platforms.