Overview
Learn how to implement and maintain custom software security solutions through a 40-minute conference talk from PyCon Israel. Discover effective strategies for creating use case-specific security measures that are self-service and maintain development velocity. Explore how to use the free, open-source Semgrep tool with simple rule syntax to continuously verify secure code implementation, going beyond standard automated tools like bandit or pylint. Master techniques for monitoring disallowed functions in third-party libraries, managing security-sensitive decorators with exceptions, and identifying unsafe function calls. Gain practical insights into developing and enforcing custom security guidelines that address your specific requirements while maintaining ongoing code security verification.
Syllabus
Josh Grossman, Michal Kamensky - Omniscient AppSec
Taught by
PyCon Israel