Sign up to save your podcasts
Or
Share #153 - Elevating Python Security: A Conversation with PyPI's Safety & Security Engineer Mike Fiedler
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
#153 - Elevating Python Security: A Conversation with PyPI's Safety & Security Engineer Mike Fiedler
This week we interview Mike Fiedler, the PyPI Safety & Security Engineer at the Python Software Foundation (PSF).
We discuss the importance of security within the Python ecosystem and offering practical advice for Python developers to enhance their security awareness.
Highlights include a deep dive into PyPI security measures, the challenges of securing the Python ecosystem, tips for Python developers, and Mike's journey to his current and previous (DevOps) roles, emphasizing the blend of technical skills and mindset needed to tackle security and solving challenges problems effectively.
Enjoy this episode with Mike Fiedler!
Chapters:
00:00 Show intro
01:20 Intro to audience and stateless testing win
08:24 Transition into PyPI security and current role
17:43 Challenging securing the Python ecosystem
24:48 Tips for Python devs to be more security aware
27:18 PDM ad segment
27:44 Security tips cont'd
33:16 Solving a puzzling problem in production (mindset)
39:40 Psychological safe workplaces / blame vs accountability
44:18 Security trends, how to prepare, and resources
48:05 Books and wrap up
---
Pybites ad segment: apply for Python coaching here.
---
Show links:
- pytest-randomly
- pytest-socket
- Brian Okken's pytest content
- PyPI blog
- Trusted Publishers
- 2FA Required for PyPI
- git annotate
- Asimov Robot series
- Silo
- CPython 3.12.2 is SBOM-ified
- Trail of Bits blog
- Fastly blog
- Disaster recovery for Consul clusters (now this exists!)
- Bandit
- Pre-commit
Reach out to Mike here.
View all episodes
By Julian Sequeira & Bob Belderbos
4.8
44 ratings
This week we interview Mike Fiedler, the PyPI Safety & Security Engineer at the Python Software Foundation (PSF).
We discuss the importance of security within the Python ecosystem and offering practical advice for Python developers to enhance their security awareness.
Highlights include a deep dive into PyPI security measures, the challenges of securing the Python ecosystem, tips for Python developers, and Mike's journey to his current and previous (DevOps) roles, emphasizing the blend of technical skills and mindset needed to tackle security and solving challenges problems effectively.
Enjoy this episode with Mike Fiedler!
Chapters:
00:00 Show intro
01:20 Intro to audience and stateless testing win
08:24 Transition into PyPI security and current role
17:43 Challenging securing the Python ecosystem
24:48 Tips for Python devs to be more security aware
27:18 PDM ad segment
27:44 Security tips cont'd
33:16 Solving a puzzling problem in production (mindset)
39:40 Psychological safe workplaces / blame vs accountability
44:18 Security trends, how to prepare, and resources
48:05 Books and wrap up
---
Pybites ad segment: apply for Python coaching here.
---
Show links:
- pytest-randomly
- pytest-socket
- Brian Okken's pytest content
- PyPI blog
- Trusted Publishers
- 2FA Required for PyPI
- git annotate
- Asimov Robot series
- Silo
- CPython 3.12.2 is SBOM-ified
- Trail of Bits blog
- Fastly blog
- Disaster recovery for Consul clusters (now this exists!)
- Bandit
- Pre-commit
Reach out to Mike here.
More shows like Pybites Podcast
View all
Talk Python To Me
589 Listeners
CyberWire Daily
1,017 Listeners
Super Data Science: ML & AI Podcast with Jon Krohn
302 Listeners
Python Bytes
214 Listeners
The Diary Of A CEO with Steven Bartlett
8,530 Listeners
Django Chat
75 Listeners
Fiction - Comedy Fiction
6,447 Listeners
The Real Python Podcast
141 Listeners
Hard Fork
5,469 Listeners
Signals and Threads
72 Listeners