diff --git a/docs/security.md b/docs/security.md index 310c665..9f48a0a 100644 --- a/docs/security.md +++ b/docs/security.md @@ -4,7 +4,7 @@ Allowing people to execute their own SQL directly against your database is risky Configured correctly, Django SQL Dashboard uses a number of measures to keep your data and your database server safe: -- I strongly recommend creating a dedicated PostgreSQL role for accessing your database with read-only permissions granted to an allow-list of tables. PostgreSQL has extremely robust, well tested permissions which this tool can take dull advantage of. +- I strongly recommend creating a dedicated PostgreSQL role for accessing your database with read-only permissions granted to an allow-list of tables. PostgreSQL has extremely robust, well tested permissions which this tool can take full advantage of. - Likewise, configuring a PostgreSQL-enforced query time limit can reduce the risk of expensive queries affecting the performance of the rest of your site. - Setting up a read-only reporting replica for use with this tool can provide even stronger isolation from other site traffic. - Your allow-list of tables should not include tables with sensitive information. Django's auth_user table contains password hashes, and the django_session table contains user session information. Neither should be exposed using this tool.
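Review bot: the typo fix on the changed bullet ("take dull advantage of" → "take full advantage of") is correct, but while that line is being edited, "well tested permissions" should be hyphenated as "well-tested permissions", since it is a compound adjective modifying "permissions". The same bullet also recommends "read-only permissions granted to an allow-list of tables" without saying what the allow-list should exclude; the unchanged final bullet in this hunk covers that (auth_user password hashes, django_session session data), so a short pointer from the changed bullet to that later bullet (for example, "see the note on sensitive tables below") would keep the two recommendations from reading as unrelated.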