Application security is best designed into a system from the start.
 Anthony Shaw is doing something about it by creating an editor plugin that actually helps you write more secure application code while you are coding.

On today's Test & Code, Anthony and I discuss his security plugin, but also application security in general, as well as other security components you need to consider.

Security is something every team needs to think about, whether you are a single person team, a small startup, or a large corporation.

Anthony and I also discuss where to start if it's just a few of you, or even just one of you.

Topics include:

• Finding security risks while writing code.
• What are the risks for your applications.
• Thinking about attack surfaces.
• Static and dynamic code analysis.
• Securing the environment an app is running in.
• Tools for scanning live sites for vulnerabilities.
• Secret management.
• Hashing algorithms.
• Authentication systems.
• and Anthony's upcoming cPython Internals book.

Special Guest: Anthony Shaw.

Links:

• Python Security - plugin for PyCharm
• Bandit
• Hack The Box