36 min listen
#153 - Elevating Python Security: A Conversation with PyPI's Safety & Security Engineer Mike Fiedler
FromPybites Podcast
#153 - Elevating Python Security: A Conversation with PyPI's Safety & Security Engineer Mike Fiedler
FromPybites Podcast
ratings:
Length:
52 minutes
Released:
Mar 1, 2024
Format:
Podcast episode
Description
This week we interview Mike Fiedler, the PyPI Safety & Security Engineer at the Python Software Foundation (PSF).We discuss the importance of security within the Python ecosystem and offering practical advice for Python developers to enhance their security awareness. Highlights include a deep dive into PyPI security measures, the challenges of securing the Python ecosystem, tips for Python developers, and Mike's journey to his current and previous (DevOps) roles, emphasizing the blend of technical skills and mindset needed to tackle security and solving challenges problems effectively.Enjoy this episode with Mike Fiedler!Chapters:00:00 Show intro01:20 Intro to audience and stateless testing win08:24 Transition into PyPI security and current role17:43 Challenging securing the Python ecosystem24:48 Tips for Python devs to be more security aware27:18 PDM ad segment27:44 Security tips cont'd33:16 Solving a puzzling problem in production (mindset)39:40 Psychological safe workplaces / blame vs accountability44:18 Security trends, how to prepare, and resources48:05 Books and wrap up---Pybites ad segment: apply for Python coaching here.---Show links:- pytest-randomly- pytest-socket- Brian Okken's pytest content- PyPI blog- Trusted Publishers- 2FA Required for PyPI- git annotate- Asimov Robot series- Silo- CPython 3.12.2 is SBOM-ified- Trail of Bits blog- Fastly blog- Disaster recovery for Consul clusters (now this exists!)- Bandit- Pre-commitReach out to Mike here.
Released:
Mar 1, 2024
Format:
Podcast episode
Titles in the series (100)
#005 - 100 Days of Code Accountability Partners by Pybites Podcast