Open Security News Overview

Cyber security is a process, not a destination to arrive at. Openness and transparency build trust. Good simple cyber security solutions are open and transparent. Cyber security is a complex field. Without digital security, your privacy is at risk. Keep it simple. Keep learning.


  • Simplifying Python Security: A Local-First Approach with WASM

    Python code plays a central role in modern computing, yet Python applications are not immune to cybersecurity threats. Consequently, security has become a critical concern for both users and developers alike.

  • Open Security News – March 2026

    While security testing is crucial for protection, identifying security defects in Python-based software requires specialised knowledge. Most security testers lack the in-depth training on Python-specific nuances that is essential for performing effective security evaluations. In today’s digital world, cybersecurity remains a critical concern. This applies equally to the consumption and creation of Python software: preventing…

  • Static Application Security Testing (SAST): Simplicity Matters

    I have worked on delivering large-scale IT systems for more than 25 years. I spent my early years as an engineer, and for the last 20 years, I have worked in various architecture roles, steering development and solving complex issues. But some things never change: Cybersecurity remains a difficult and complex field. It requires expertise across…

  • Detection of malware or security weaknesses?

    Almost all software is under attack today, yet many organisations remain unprepared in their defence. Every day, news emerges of computer systems being breached, frequently through vulnerabilities within the software itself.

  • Python Security Showdown: Which Tool Actually Protects Your Code?

    On an almost daily basis, I see new Static Application Security Testing (SAST) tools emerging. Nearly all of these new solutions are powered by LLMs and offered exclusively as SaaS products. Security is not a trivial matter. High-quality security tools are essential to protect your organisation. What is far more dangerous, however, are professional-looking cybersecurity…

  • Can We Trust AI to Secure Our Python Code?

    I love new technology. I also advocate for Free and Open Machine Learning/AI. I think FOSS AI/ML is crucial for everyone. See FOSS AI/ML Guide.

  • Defence in Depth in Python Security: Why Using Multiple SAST Tools Matters

    Defence in depth is a core security principle that relies on multiple, independent security controls. If one fails, others detect or mitigate the threat. In Python Static Application Security Testing (SAST), depending on a single scanner creates unnecessary risk and incomplete vulnerability coverage.

  • A Data-Driven Analysis of PyCon Talks on security

    According to many statistics, Python is the number-one programming language in use today, largely due to the rise of AI and machine learning research, data analysis, and related applications. However, this popularity makes Python-developed programs a prime target for security risks. Security is never guaranteed: a solid architecture helps, but even well-written code by experts…

  • The 2026 Python SAST Shortlist: What’s Actually Worth Using?

    Static Application Security Testing (SAST) tools are essential, including when creating or using Python programs. From a security-by-design perspective, ensuring that applications have no weaknesses that can be easily converted into vulnerabilities is more than just a best practice. SAST tools for Python empower developers, testers, and security teams to identify software weaknesses before code…

  • A Guide to Python Security Flaws: From Weakness to Vulnerability

    In today’s digital world, security remains a critical concern. This applies equally to Python software. Python is the most widely used programming language worldwide. To use a Python SAST scanner (Static Application Security Testing Tool) effectively, it is vital to understand the difference between a weakness and a vulnerability:

  • How To Proactively Scan Any Python Package for Security Weaknesses Before Installation

    Python’s dominance as a programming language makes it a prime target for security risks. Security is never guaranteed: a solid architecture helps, but even well-written code—including AI-generated code—is not secure by default. The golden guiding principle for protecting your systems is simple: never trust, always verify (Zero Trust). Cybersecurity is inherently complex and mistakes are…

  • Security Perspective on Python 3.14

    The release of Python 3.14 on October 7, 2025, marks a great milestone for the Python programming language. Developing a new release for the Python language is a major challenge and very hard work for many volunteers active in the Python ecosystem. Python 3.14.0 contains many new features and optimisations compared to Python 3.13.