Securing Code with the Python Type System

Explore how Python's type system can be leveraged to enhance code security in this 28-minute PyCon US talk. Learn to use simple type annotations to prevent logic errors, implement PEP 675 to guard against injection vulnerabilities, and utilize runtime type validation for secure handling of user-controlled data. Discover how typing enables powerful static taint flow analysis tools like Pysa and CodeQL to detect complex vulnerabilities across multiple functions. Gain insights into the limitations of typing-based security approaches and understand where they may fall short. Access accompanying slides for a comprehensive overview of typing techniques for improved code security.

Talk - Graham Bleaney/Pradeep Kumar Srinivasan: Securing Code with the Python Type System