A Data-Driven Analysis of PyCon Talks on security
According to many statistics, Python is the number-one programming language in use today, largely due to the rise of AI and machine learning research, data analysis, and related applications. However, this popularity makes Python-developed programs a prime target for security risks. Security is never guaranteed: a solid architecture helps, but even well-written code by experts — and also AI-generated code—is not secure by default.
Python is a strong choice for developing secure programs. However, Python programs are not immune to common security weaknesses that stem from how code is designed and written.
I was curious to know how many security-related talks are held at large Python conferences, so I analysed the largest PyCon conferences of the last few years.
PyCon is an international community for the Python programming language and holds several large and small conferences each year worldwide.
This analysis was conducted by reviewing talk titles for security-related keywords. Since most attendees choose which sessions to attend based on the title, this provides a reliable metric for the visibility of security topics.
The following conferences were analysed:
EuroPython 2025
EuroPython 2024
EuroPython 2023
EuroPython 2022
PyconUS 2025
PyConUS 2024
PyconUS2023
In total, 1,092 talks were reviewed for security-related content. I found only 10 security-related talks delivered in 2025. Consequently, the proportion of security-focused Python talks at PyCon 2025 conferences was below 4%. Given the importance of security awareness for programmers, I consider this a low figure. Since organisations such as the Open Worldwide Application Security Project (OWASP – owasp.org ) Foundation are continuously working to promote secure programming practices, it is clear that more effort is needed.
Secure programming is complex and requires significant knowledge and experience, and conferences are the primary venues where such expertise is exchanged.
Below is a bar chart showing the analysis of PyCon talks per year versus PyCon security talks.
The data used for this plot can be found here in this gist.
If you want to practice secure coding for Python, use the Python Secure Coding Guidelines .
And remember: never trust, always verify Python code. Use Python Code Audit (https://github.com/nocomplexity/codeaudit) to perform a quick security scan of your own code, or of any modules before you use them!