101: Application Security - Anthony Shaw
Application security is best designed into a system from the start.
Anthony Shaw is doing something about it by creating an editor plugin that actually helps you write more secure application code while you are coding.
Anthony Shaw is doing something about it by creating an editor plugin that actually helps you write more secure application code while you are coding.
On today's Test & Code, Anthony and I discuss his security plugin, but also application security in general, as well as other security components you need to consider.
Security is something every team needs to think about, whether you are a single person team, a small startup, or a large corporation.
Anthony and I also discuss where to start if it's just a few of you, or even just one of you.
Topics include:
- Finding security risks while writing code.
- What are the risks for your applications.
- Thinking about attack surfaces.
- Static and dynamic code analysis.
- Securing the environment an app is running in.
- Tools for scanning live sites for vulnerabilities.
- Secret management.
- Hashing algorithms.
- Authentication systems.
- and Anthony's upcoming cPython Internals book.
Special Guest: Anthony Shaw.
Links:
Help support the show AND learn pytest:
- The Complete pytest course is now a bundle, with each part available separately.
- pytest Primary Power teaches the super powers of pytest that you need to learn to use pytest effectively.
- Using pytest with Projects has lots of "when you need it" sections like debugging failed tests, mocking, testing strategy, and CI
- Then pytest Booster Rockets can help with advanced parametrization and building plugins.
- Whether you need to get started with pytest today, or want to power up your pytest skills, PythonTest has a course for you.
