Explore the critical aspects of Python ecosystem security in this 29-minute PyCon US talk by Cheuk Ting Ho. Delve into the challenges of maintaining security across Python's vast open-source supply chain, including over 400,000 packages on PyPI and numerous others on platforms like conda-forge. Learn about the initiatives undertaken by the Python Software Foundation's security team, supported by OpenSSF's Alpha-Omega project and AWS, to enhance the safety of the Python ecosystem. Discover best practices for Python library maintainers and users to ensure secure usage of the language. Gain valuable insights into the security audit of PyPI's codebase and infrastructure, improved security practices, and the establishment of metrics to measure security posture. Whether you're a Python user or your company relies on Python, this talk offers essential knowledge to help you use Python more safely and contribute to a more secure Python community.