This talk is your behind-the-scenes guide to Django's best-in-class security processes. I’ll give an introduction to how the team handles security issues: the triaging, fixing, disclosure process, and releases.
I will then review the history of Django’s security issues to identify hotspots and areas to look out for. Lastly, I will explore the impact of AI and LLMs on the security of Django as well as its security team.
The talk will give you everything you need to interact with Django’s security team when needed, and show how Django's security process can act as an example for other open-source projects.