Open Security News Overview

Cyber security is a process, not a destination to arrive at. Openness and transparency build trust. Good, simple cyber security solutions are open and transparent. Cyber security is a complex field. Without digital security, your privacy is at risk. Keep it simple. Keep learning.


  • Can We Trust AI to Secure Our Python Code?

    I love new technology. I also advocate for Free and Open Machine Learning/AI. I think FOSS AI/ML is crucial for everyone. See FOSS AI/ML Guide.

  • Defence in Depth in Python Security: Why Using Multiple SAST Tools Matters

    Defence in depth is a core security principle that relies on multiple, independent security controls. If one fails, others detect or mitigate the threat. In Python Static Application Security Testing (SAST), depending on a single scanner creates unnecessary risk and incomplete vulnerability coverage.

  • A Data-Driven Analysis of PyCon Talks on security

    According to many statistics, Python is the number-one programming language in use today, largely due to the rise of AI and machine learning research, data analysis, and related applications. However, this popularity makes Python-developed programs a prime target for security risks. Security is never guaranteed: a solid architecture helps, but even well-written code by experts…

  • The 2026 Python SAST Shortlist: What’s Actually Worth Using?

    Static Application Security Testing (SAST) tools are essential, including when creating or using Python programs. From a security-by-design perspective, ensuring that applications have no weaknesses that can be easily converted into vulnerabilities is more than just a best practice. SAST tools for Python empower developers, testers, and security teams to identify software weaknesses before code…

  • A Guide to Python Security Flaws: From Weakness to Vulnerability

    In today’s digital world, security remains a critical concern. This applies equally to Python software. Python is the most widely used programming language worldwide. To use a Python SAST scanner (Static Application Security Testing Tool) effectively, it is vital to understand the difference between a weakness and a vulnerability:

  • How To Proactively Scan Any Python Package for Security Weaknesses Before Installation

    Python’s dominance as a programming language makes it a prime target for security risks. Security is never guaranteed: a solid architecture helps, but even well-written code—including AI-generated code—is not secure by default. The golden guiding principle for protecting your systems is simple: never trust, always verify (Zero Trust). Cybersecurity is inherently complex and mistakes are…

  • Security Perspective on Python 3.14

    Python 3.14, released on October 7, 2025, marks a great milestone for the Python programming language. Developing a new release for the Python language is a major challenge and very hard work for many volunteers active in the Python ecosystem. Python 3.14.0 contains many new features and optimisations compared to Python 3.13.

  • Should you use GitLab's Static application security testing (SAST) for Python?

    Python security is gaining attention due to the still rising usage of Python. Python applications are not immune to common security flaws. So, security testing, especially static application security testing (SAST) on Python code, is recommended for everyone who shares code.

  • exec() in Python: Simple & smart or Career-Ending Mistake?

    Python is the most widely used programming language worldwide. Its clear syntax, extensive libraries, and adaptability make it suitable for beginners, researchers, and professionals alike. But security is a growing, critical concern for Python code. AI-generated code is not secure by default and human programmers are not security experts. A fantastic built-in function…

  • DySec: Is a Python package Actually a Hacker Trap?

    Python is the most widely used programming language worldwide. Consequently, many programs, even those built on top of FOSS Python modules, are freely available on the Python Package Index (PyPI.org). Python security is gaining attention due to its rising usage. Python can be considered a secure language, yet Python applications are also susceptible to common…

  • PyPitfall: Dependency Chaos and Software Supply Chain Vulnerabilities in Python – A critical review

    Reading scientific cyber security literature is crucial for continuous development and learning. Engaging with research papers often leads to new insights or a deeper perspective on a subject. The paper titled “PyPitfall: Dependency Chaos and Software Supply Chain Vulnerabilities in Python” (arXiv: 2507.18075) captured my attention. Authored in 2025 by researchers from the Computer Science…

  • Python Secure Coding Guidelines

    In today’s digital world, security remains a critical concern. This applies equally to Python software. Security breaches that are possible when running untrusted Python programs are real. This checklist is intended for anyone who wants to create Python programs that are secure by design. Programming in Python is fun, but when you create programs for…