PyCon Israel 2022

🇺🇸 Minimum Viable Security for Python Applications
06-29, 16:30–16:50 (Asia/Jerusalem), Hall 3

Python remains a very popular programming and scripting language in the DevOps ecosystem for building CI/CD pipelines. In the same way we think about how we design and build our Python applications, we need to design, build and automate security.


The minimum viable security (MVS) approach enables us to easily bake security into our config files, apps, and CI/CD processes with a few simple controls built for Python applications.

In this talk we will focus on five critical security controls integrated into the CI/CD pipeline: Bandit for static application security testing (SAST), Gitleaks to detect hard-coded or insufficiently secured secrets, Python dependency checks (SCA), checks for infrastructure as code (IaC), and ZAP for API and dynamic application security testing (DAST), in addition to custom controls to ensure proper enforcement of MFA via GitHub Security. These controls provide a foundational framework for securing Python applications from the first line of code, and make it possible to continuously iterate and evolve our security maturity toward the advanced layers of security that often come with time and increased experience.
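As an added example (not code from the talk or its speaker), a GitHub Actions workflow that wires these five controls plus the MFA check into one pipeline, each job failing the build when its tool reports findings; the paths src/, infra/ and requirements.txt, the staging URL and the ORG_ADMIN_TOKEN secret are assumptions.

```yaml
name: mvs-python
on: [push, pull_request]
jobs:
  sast:                                   # Bandit: static analysis of the Python code
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: actions/setup-python@v4
        with: { python-version: "3.10" }
      # -ll / -ii: report (and fail on) medium-or-higher severity and confidence
      - run: pip install bandit && bandit -r src/ -ll -ii
  secrets:                                # Gitleaks: hard-coded credentials in the history
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with: { fetch-depth: 0 }          # full history, not just the latest commit
      - uses: gitleaks/gitleaks-action@v2
        env: { GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" }
  sca:                                    # pip-audit: dependencies with known vulnerabilities
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: actions/setup-python@v4
        with: { python-version: "3.10" }
      - run: pip install pip-audit && pip-audit -r requirements.txt

  iac:                                    # Checkov: misconfigured infrastructure as code
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: bridgecrewio/checkov-action@master
        with: { directory: infra/, framework: terraform }

  dast:                                   # ZAP baseline scan against a deployed test instance
    runs-on: ubuntu-latest
    steps:
      - uses: zaproxy/action-baseline@v0.7.0
        with:
          target: "https://staging.example.com"   # placeholder: your own test deployment
          fail_action: true

  mfa:                                    # custom control: org members without 2FA enabled
    runs-on: ubuntu-latest
    steps:
      # ORG_ADMIN_TOKEN is an assumed secret holding an org-owner token with read:org scope
      - run: |
          curl -sf -H "Authorization: Bearer ${{ secrets.ORG_ADMIN_TOKEN }}" \
            "https://api.github.com/orgs/${{ github.repository_owner }}/members?filter=2fa_disabled" \
            | python3 -c 'import json,sys; m=json.load(sys.stdin); print([u["login"] for u in m]); sys.exit(1 if m else 0)'
```

The mfa job uses GitHub's members listing with filter=2fa_disabled, which is only available to organization owners, so the pipeline fails (and prints the offending logins) whenever any member has not enabled two-factor authentication.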

Code examples will be showcased as part of this session.


Session language –

English

Target audience –

Security Experts

Other (target audience) –

DevOps / DevSecOps

Michael is a seasoned software engineer with experience from the backend through the frontend, security and much more. Having held a diversity of roles at leading companies such as Spotlight, Bluevine and Orchestra Group, today he channels his passion for Python, and specifically Django, towards making security a first-class citizen in development from the first line of code as a fullstack engineer at Jit. He is also an animal lover, provided the animals are cats.