Overview
Explore secure Python development practices in this DevConf.CZ 2023 conference talk. Delve into Python-specific security challenges, including secure package management and dependency resolution. Learn about implementing crucial security measures such as secrets management, static application security testing (SAST), and basic network security practices. Discover a range of community-supported and enterprise tools and services, from pip-tools and Bandit to HashiCorp Vault and SonarQube, that enhance Python security. Gain insights on integrating these practices and tools into continuous integration and deployment (CI/CD) workflows, empowering DevOps teams to create more secure Python tools and applications in the vibrant Python ecosystem.
Syllabus
Secure Python Development: Tips, Tricks, and Tools - DevConf.CZ 2023
Taught by
DevConf