Modern Python systems are drowning in telemetry: structured logs, traces, span events, metrics, profiles, and more. Every field you add for “debuggability” is also a potential liability for security, privacy, performance, and cost. This talk explores how to build “secure-by-default observability” in Python: telemetry that helps you debug incidents at 3 a.m. without leaking secrets, personal data, or megabytes of useless payloads.

Through live code examples, you’ll see how careless logging and tracing can expose API keys, tokens, internal topology, and user data, and then learn concrete patterns to fix it: safe logging adapters, redaction and tokenization, context tagging without over-collecting, and guardrails around exception and request/response logging. The session then dives into memory and performance: how unbounded telemetry buffers, in-memory exporters, and naive batching can create leaks and latency spikes, and how to detect and fix these issues using Python’s profiling and memory tooling.

Whether you’re instrumenting a Flask/FastAPI/Django service, async workers, or data pipelines, you’ll walk away with a set of patterns and a checklist to keep your observability powerful, predictable, and safe in production.