Security is tough. It’s so easy to forget something or get a couple of things wrong. The stakes have also never been higher - announcements about a company getting hacked come out weekly. So what can we do?

One part of the solution is tooling. OpenStack’s security team created Bandit to help them solve the problem of doing security reviews on 18+ projects. It’s an open source tool that we can use to scan our code and find out if we’re calling insecure or deprecated functions.

In these slides, I cover some of my findings from running Bandit on 16 popular open-source Python projects as well as some of the potential security flaws that Bandit can identify.

I originally gave this talk at a SoCal Python meetup.


Additional Reading

Referenced Resources