Bandit is an open-source tool designed to discover common security flaws in Python code. Although Bandit was originally developed to find issues in OpenStack (a large open-source cloud platform), it has since been adopted by many Python developers outside of OpenStack. It has found dozens of critical security issues, including command injection, SQLi, insecure temporary file usage, and usage of insecure libraries.
Join Travis McPeak, one of the core developers on the Bandit project, to find out how Bandit works, how to customize it for different workflows, how to create a Security CI pipeline with Bandit, and even how to extend it.
Travis McPeak is a Sr. Security Engineer at Netflix. He is a core developer of the Bandit, Repokid, and Aardvark projects. In his spare time he loves travel, snowboarding, and quality food/beer.
William Bengtson is an information security professional with years of experience in a variety of roles including red teaming, network security, architecture risk analysis lead, software security, exploit development, security architect lead, application developer and certification...