Securing Code with the Python Type System
Offered By: PyCon US via YouTube
Course Description
Overview
Explore how Python's type system can be leveraged to enhance code security in this 28-minute PyCon US talk. Learn to use simple type annotations to prevent logic errors, implement PEP 675 to guard against injection vulnerabilities, and utilize runtime type validation for secure handling of user-controlled data. Discover how typing enables powerful static taint flow analysis tools like Pysa and CodeQL to detect complex vulnerabilities across multiple functions. Gain insights into the limitations of typing-based security approaches and understand where they may fall short. Access accompanying slides for a comprehensive overview of typing techniques for improved code security.
Syllabus
Talk - Graham Bleaney/Pradeep Kumar Srinivasan: Securing Code with the Python Type System
Taught by
PyCon US
Related Courses
CodeQL Roundtable: Leveraging Static Analysis for Bug BountiesBugcrowd via YouTube Discover Vulnerabilities with CodeQL
HackerOne via YouTube Event-based Fuzzing, Patch-based Research, and Comment Police - Finding Bugs Through a Bug
Black Hat via YouTube Protect Your Code with GitHub Security Features
GOTO Conferences via YouTube Security as Code - A DevSecOps Approach
NDC Conferences via YouTube