diff --git a/lower-constraints.txt b/lower-constraints.txt
index 76fce7c973..8847146248 100644
--- a/lower-constraints.txt
+++ b/lower-constraints.txt
@@ -19,6 +19,7 @@ Django==1.11
 django-appconf==1.0.2
 django-babel==0.6.2
 django-compressor==2.0
+django-debreach==1.4.2
 django-pyscss==2.0.2
 doc8==0.6.0
 docutils==0.11
diff --git a/openstack_dashboard/settings.py b/openstack_dashboard/settings.py
index 0bd097c575..197be7c3c9 100644
--- a/openstack_dashboard/settings.py
+++ b/openstack_dashboard/settings.py
@@ -110,6 +110,7 @@ OPENSTACK_IMAGE_BACKEND = {
 }
 
 MIDDLEWARE = (
+    'debreach.middleware.RandomCommentMiddleware',
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
@@ -184,6 +185,7 @@ INSTALLED_APPS = [
     'django.contrib.staticfiles',
     'django.contrib.humanize',
     'django_pyscss',
+    'debreach',
     'openstack_dashboard.django_pyscss_fix',
     'compressor',
     'horizon',
diff --git a/releasenotes/notes/bp-mitigate-breach-attacks-dd54b705e22363b0.yaml b/releasenotes/notes/bp-mitigate-breach-attacks-dd54b705e22363b0.yaml
new file mode 100644
index 0000000000..ff3ce1412e
--- /dev/null
+++ b/releasenotes/notes/bp-mitigate-breach-attacks-dd54b705e22363b0.yaml
@@ -0,0 +1,7 @@
+---
+features:
+  - |
+    [:blueprint:`mitigate-breach-attacks`]
+    Adding Django-debreach module to mitigate breach attacks. Enabling
+    the RandomCommentMiddleware to counter breach attack by randomising
+    the content length of each response.
diff --git a/requirements.txt b/requirements.txt
index a889154552..93d2971be0 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -14,6 +14,7 @@ Django<2,>=1.11;python_version<'3.0' # BSD
 Django<2.1,>=1.11;python_version>='3.0' # BSD
 django-babel>=0.6.2 # BSD
 django-compressor>=2.0 # MIT
+django-debreach>=1.4.2 # BSD License (2 clause)
 django-pyscss>=2.0.2 # BSD License (2 clause)
 futurist>=1.2.0 # Apache-2.0
 iso8601>=0.1.11 # MIT
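Review bot: The new `'debreach.middleware.RandomCommentMiddleware'` entry at the head of `MIDDLEWARE` in settings.py carries no comment explaining why it must be first, and its position is load-bearing: Django runs `process_response` in reverse listing order, so being first means the random padding is appended after every other middleware has finished with the body, and anyone later inserting a compressing middleware (e.g. `GZipMiddleware`) ahead of it would silently change what the padding applies to. I would add above the entry `# BREACH mitigation (defence in depth): pads each HTML response with a random-length comment so`
`# compressed response size is not a stable oracle; kept FIRST so its process_response runs LAST,`
`# after all other middleware have produced the final body.` The same hedge belongs in the release note: length randomisation adds noise rather than removing the leak, and Django's own per-request CSRF token masking remains the primary protection, so the note should present this as an additional layer rather than a complete fix. The `'debreach'` addition to `INSTALLED_APPS` later in the same file is fine as is; the `MIDDLEWARE` and `INSTALLED_APPS` definitions both extend beyond their hunks.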