Markus Holtermann

Django has been a part of my life for over 15 years. And again, in my current position as a software engineer it's the foundation of the job. While there have been times when I contributed to Django's code base regularly, these times have receded. However, I remain a member of Django's security and ops teams, which I've been on for almost a decade now.

Oh, I Found a Security Issue

Talk

Wed 15 Apr | 11:00

30min

AMPHITHEATRE

This talk is your behind the scenes guide to Django's best in class security processes. I’ll give an introduction to how the team handles security issues: the triaging, fixing, disclosure process, and releases. I will then review the history of Django’s security issues to identify hotspots and areas to look out for. Lastly, I will explore the impact of AI and LLMs on the security of Django as well as its security team. The talk will give you everything you need, to help you interact with Django’s security team when needed, and show how Django's security process can act as an example for other open source projects.

View session