I have worked on delivering large-scale IT systems for more than 25 years. I spent my early years as an engineer, and for the last 20 years, I have worked in various architecture roles, steering development and solving complex issues. But some things never change:Cybersecurity remains a difficult and complex field. It requires expertise across many different areas, such as business and computer sciences.
(more…)Category: Security
-
Detection of malware or security weaknesses?
Almost all software is under attack today, yet many organisations remain unprepared in their defence. Every day, news emerges of computer systems being breached, frequently through vulnerabilities within the software itself.
(more…) -
Defence in Depth in Python Security: Why Using Multiple SAST Tools Matters
Defence in depth is a core security principle that relies on multiple, independent security controls. If one fails, others detect or mitigate the threat. In Python Static Application Security Testing (SAST), depending on a single scanner creates unnecessary risk and incomplete vulnerability coverage.
(more…) -
A Data-Driven Analysis of PyCon Talks on security
According to many statistics, Python is the number-one programming language in use today, largely due to the rise of AI and machine learning research, data analysis, and related applications. However, this popularity makes Python-developed programs a prime target for security risks. Security is never guaranteed: a solid architecture helps, but even well-written code by experts — and also AI-generated code—is not secure by default.
(more…) -
The 2026 Python SAST Shortlist: What’s Actually Worth Using?
Static Application Security Testing (SAST) tools are essential, including when creating or using Python programs.
From a security-by-design perspective, ensuring that applications have no weaknesses that can be easily converted into vulnerabilities is more than just a best practice. SAST tools for Python empower developers, testers, and security teams to identify software weaknesses before code is deployed or exploited.
(more…) -
A Guide to Python Security Flaws: From Weakness to Vulnerability
In today’s digital world, security remains a critical concern. This applies equally to Python software.Python is the most widely used programming language worldwide.
To use a Python SAST scanner (Static Application Security Testing Tool) effectively, it is vital to understand the difference between a weakness and a vulnerability:
(more…) -
How To Proactively Scan Any Python Package for Security Weaknesses Before Installation
Python’s dominance as a programming language makes it a prime target for security risks. Security is never guaranteed: a solid architecture helps, but even well-written code—including AI-generated code—is not secure by default.
The gold guiding principle for protecting your systems is simple: never trust, always verify (Zero Trust). Cybersecurity is inherently complex and mistakes are inevitable, proactive verification is an indispensable safeguard.
Python is the most widely used programming language worldwide. Many great Python programs and libraries are available on the official Python repository: PyPI.org.
Creating secure Python programs is a complex skill. So not all Python programs published on PyPI.org are created with security in mind and with the use of Python Secure Coding Guidelines. But before you install any Python program from PyPI.org with the simple command:
pip install <package-name>You should validate the Python program or library on code weaknesses. This can be done with one simple command:
codeaudit filescan <package-name> [reportname.html]You may specify a custom name for the HTML report that will be created, but this is not necessary. Python Code Audit does not install the program; it analyses the Python code safely by making use of Python’s AST (Abstract Syntax Tree) technology.
Prerequisite
Before running the codeaudit command a prerequisite is that you have Python Code Audit installed. This can be done with a single command:
pip install -U codeauditPython Code Audit is an advanced SAST tool that automates the review of Python source code to identify potential security vulnerabilities. It is designed to be simple and safe to use, catering both to security specialists and to users who want to check possible risks in a Python program before installing and running it. The manual provides detailed explanations of any found code weaknesses. Depending on your context, you must decide whether the weaknesses found pose a risk, or if you are confident enough to install and run the program.
Adhering to a simple checklist is the most effective way to prevent security disasters when running Python programs. The complete checklist to help you mitigate security risks before executing any unknown or third-party Python program is provided below:
-
Security Perspective on Python 3.14
The release of Python 3.14, released on October 7, 2025, marks a great milestone for the Python programming language. Developing a new release for the Python language is a major challenge and very hard work for many volunteers active in the Python ecosystem.
Python 3.14.0 contains many new features and optimisations compared to Python 3.13.
(more…) -
Should you use GitLabs Static application security testing (SAST) for Python?
Python security is gaining attention due to the still rising usage of Python. Python applications are not immune to common security flaws. So, security testing, especially static application security testing (SAST) on Python code, is recommended for everyone who shares code.
(more…) -
exec() in Python: Simple & smart or Career-Ending Mistake?
Python is the most widely used programming language worldwide. Its clear syntax, extensive libraries, and adaptability make it suitable for beginners, researchers, and professionals alike. But security is a growing critical concern for Python code. AI-generated code — is not secure by default and human programmers are no security experts.
A fantastic built in function that can be used in Python is `exec`.
(more…)