EuroPython

Writing secure code in Python

Room: Liffey B
Duration: 45 minutes

Abstract

The talk will analyze a series of vulnerabilities that, through some common mistakes, might end up damaging your Python programs (with lots of examples!). At the end, a precaution and audit method will be presented.

Talk, Security

Description

Is your Python code secure? This talk will show how oversights, mistakes and assumptions that we, as developers, carry in our code can lead to serious vulnerabilities in our applications. All of that, of course, with lots of examples! At the end, the talk will present a simple way to audit Python code, making it easier to maintain your security by identifying possible vulnerabilities.

  • Learn how eval(), pickle, and pip are vulnerable to arbitrary code execution
  • Understand the importance of cryptographically-secure randomness
  • Learn how to audit your code and keep your programs secure
  • ... and more!

The speaker

Yan Orestes

Yan is a Brazilian Python developer, speaker, privacy freak and security enthusiast. He has worked as a teacher and considers education a true passion in his life. Whenever he finds time, Yan ends up writing blog posts and essays and speaking at conferences everywhere, following what he believes is most important in the world - sharing knowledge.


