Advanced security topics

A session at DjangoCon US 2011

Thursday 8th September, 2011

1:30pm to 2:10pm

An in-depth look (with demonstrations) at the how and why of several advanced security topics. Discussion of ways to improve security of the framework moving forward.

This talk will introduce several advanced security topics, and discuss how Django fares. Topics will include timing attacks, man-in-the-middle, hashing issues, brute force attacks, and several topics that can’t currently be discussed (pending fixes in core). Expect practical demonstrations of “theoretical” vulnerabilities.

The second half of the talk will focus on how we can improve Django’s security in the future. How can we improve response time and transparency for security issues? How can we make it easier to provide security enhancements for new code while retaining backwards compatibility? How can the community work to support security work that is low on the priority list for current core devs?

About the speaker

This person is speaking at this event.
Paul McMillan

I do security for Python and Django. I also take pictures and enjoy cocktails. bio from Twitter

Coverage of this session

Sign in to add slides, notes or videos to this session

Tell your friends!


Time 1:30pm2:10pm PST

Date Thu 8th September 2011

Short URL


Official session page


View the schedule



See something wrong?

Report an issue with this session