Secure Coding in Python (2020)
1h 31mAdvanced2020-07-24
Authors

Ronnie Sheer
Software Developer and Instructor
Course details
Learn how to develop more secure Python applications. In this course, instructor Ronnie Sheer reviews the most common vulnerabilities in Python apps and explains how to set up a coding environment that helps you develop code with security in mind. Learn how to avoid common pitfalls associated with loose typing and assertions and find out how to deserialize Pickle data. Then explore the security features—such as code generation and secrets management—in Django, a popular Python framework. Ronnie also explains how to secure a RESTful API in Django using permissions, data serialization, and automated testing, and closes the course with some tips for securing applications written with Flask, a powerful micro web framework.
Topics include:
Secure coding standards
Setting up a secure Python coding environment
Dynamic typing with Python
Securing endpoints
Securing Django
Securing RESTful APIs
Testing Python apps
Securing Flask
Topics include:
Secure coding standards
Setting up a secure Python coding environment
Dynamic typing with Python
Securing endpoints
Securing Django
Securing RESTful APIs
Testing Python apps
Securing Flask
Skills covered
Software Development SecurityPythonCybersecurityProgramming LanguagesOpen SourceSoftware DevelopmentOne-Off
Concepts
0. Introduction
- 01 - Developing securely
- 02 - What you should know
- 03 - What are secure coding, CERT, and other standards
- 04 - What is OWASP Top 10
1. Setting Up
- 05 - Installing software with due caution
- 06 - Installing pipenv, Python, Django, Flask, and Django REST framework
- 07 - Common vulnerabilities and exposures checks
- 08 - A few words about encryption and injection
2. Avoiding Python Pitfalls
- 09 - Dynamic typing with Python
- 10 - Explicit assertions with Python
- 11 - Don't get yourself into a Pickle
- 12 - Challenge - Secure the end point
- 13 - Solution - Secure the end point
3. Securing Django
- 14 - Using a separate Python environment for isolation
- 15 - The batteries included approach in Django
- 16 - Generating new projects
- 17 - The Django settings module, keeping secrets, and the dangers of debug mode
4. Securing a RESTful API
- 18 - Safe serializing
- 19 - Permissions
- 20 - Testing and security
- 21 - Challenge - Run the test, fix the code
- 22 - Solution - Run the test, fix the code
5. Securing Flask
- 23 - The challenge of securing Flask
- 24 - Flask secrets
- 25 - Password hashing with Flask
Conclusion
- 26 - Next steps - Secure coding
Related courses
Related learn paths
- Prepare for the MTA: Software Development Fundamentals Exam (98-361)
- Become a Software Developer
- Become a Programmer: Foundations
- Explore a Career in Computer Forensics
- Network Administration: Build Core Skills for Network Management and Security
- Introduction to Fundamental Skills for Data Work: Data Collection
- Advance Your Skills as a Django Developer
- Become a Django Developer