Devconf.cz 2023 has ended
Back To Schedule
Sunday, June 18 • 2:00pm - 2:35pm
Secure Python Development: Tips, Tricks, & Tools

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
In 2023, the Python software development ecosystem and the community that supports it remain as vibrant as ever. Therefore Python developers, especially in a DevOps environment, have many resources they can use to write more secure tools and applications. We will discuss Python-specific security challenges such as secure Python package management and dependency resolution, and Python-specific ways to implement other security measures such as secrets management, static application security testing (SAST), basic network security practices, and instituting secure best practices in the codebase. We will provide a survey of community-supported and enterprise tools and services that support these practices, from pip-tools and Bandit to HashiCorp Vault and SonarQube. We will pay particular attention to how these practices and tools can be integrated into the work of teams using continuous integration and deployment (CI/CD).

avatar for Dominic Delabruere

Dominic Delabruere

Software engineer, Red Hat
Dominic works on internal tools at Red Hat that support a secure product pipeline, with a strong focus on Python, open source, and Linux ecosystems. In their spare time, Dominic also works on music synthesis in a Linux environment and packaging applications for the Nix package ma... Read More →

Sunday June 18, 2023 2:00pm - 2:35pm CEST
A113 | Talks