When Bandit(s) Strike - Defend your Python Code presented at BSidesSanFrancisco 2017

by Travis Mcpeak,

Summary : Bandit is an open-source tool designed to discover common security flaws in Python code. Although Bandit was originally developed to find issues in OpenStack (a large open-source cloud platform) it has since been adopted by many Python developers outside of OpenStack. It has found dozens of critical security issues including: command injection, SQLi, insecure temporary file usage, and usage of insecure libraries.
Join Travis McPeak, one of the core developers on the Bandit project to find out: how Bandit works, how to customize it for different workflows, how to create a Security CI pipeline with Bandit, and even how to extend it.