Zero Install: The future of FOSS Python static application security testing Simplifying Python Security: A Local-First Approach with WASM

Simplifying Python Security: A Local-First Approach with WASM

open.substack.com/pub/nocomple...

#python #pydata #infosec #testing #cybersecurity

GitHub - nocomplexity/codeaudit: Codeaudit - Modern Python source code security analyzer based on distrust. Codeaudit - Modern Python source code security analyzer based on distrust. - nocomplexity/codeaudit

Identifying data exfiltration in #Python code—specifically within telemetry, remote analytics, and SaaS integrations—is a critical step in mitigating #security risks.

github.com/nocomplexity...

#pycon #infosec #PyTorch

Is Your Hardware Trash? How E-Waste is Powering the Next Tech Revolution Radical Open Innovation News

How E-Waste is Powering the Next Tech Revolution

open.substack.com/pub/nocomple...

#innovation #foss #technology #ai #Taalas #unbinare #mojo

a blue and white stuffed animal with a bow tie ALT: a blue and white stuffed animal with a bow tie

#OpenClaw is a Security Nightmare, never use #Cloudflare , Data Exfiltration Detection in #Python Code and more!

Check Open #Security News:
nocomplexity.com/open-securit...

Static Application Security Testing (SAST): Simplicity Matters Simple, Local, FOSS: Reclaiming Python Security from the SaaS Giants

Static Application Security Testing (SAST): Simplicity Matters

So
Simple, Local, FOSS: Reclaiming Python Security from the SaaS Giants
open.substack.com/pub/nocomple...

#python #appsec

Why Your Antivirus is Failing You (And What to Do Instead) Detection of malware or security weaknesses?

Detection of malware or security weaknesses?

open.substack.com/pub/nocomple...

#python #appsec #infosec

How to Avoid Fake Confidence in Python Code Security The 5 Non-Negotiable Requirements of a Serious Python SAST Scanner

How to Avoid Fake Confidence in Python Code Security
open.substack.com/pub/nocomple...

#gpl #foss #appsec #infosec

Python Injection Attacks Finding eval(), exec(), and Insecure SQL Queries

Python Injection Attacks

medium.com/@maikelmardj...

#Python #pydata #pycon #owasp #cybersecurity #infosec

Mastering Security Testing for Python Applications
Standard Security Testing Isn’t Enough for #Python.

securitytesting.nocomplexity.com

#CyberSecurityAwareness #odido #Odidohack

GitHub - nocomplexity/codeaudit: Codeaudit - Modern Python source code security analyzer based on distrust. Codeaudit - Modern Python source code security analyzer based on distrust. - nocomplexity/codeaudit

A potential security issue or weakness is a general flaw, error, mistake or sloppy programming habit in a programs design, implementation, or operation that could lead to security problems.

So Use github.com/nocomplexity...

#security #weakness #testing #odido

Security Reference Architecture Develop superior security solutions with greater speed and efficiency. Leverage proven, open-source frameworks for your specific requirements.This Playbook is designed to help you navigate and resolve...

#Cybersecurity is often surrounded by myths and perceived as an impossibly complex domain.

This guide is targeted for reuse to solve your cybersecurity challenge. #open and simple solutions.
Free to read at nocomplexity.com/simplify-sec...

Or check

nocomplexity.gumroad.com/l/SecurityAr...

GitHub - nocomplexity/codeaudit: Codeaudit - Modern Python source code security analyzer based on distrust. Codeaudit - Modern Python source code security analyzer based on distrust. - nocomplexity/codeaudit

Securing your code isn’t just about who gets in—it’s about what gets out.

#Python Code Audit External Egress Detection feature is a vital for security and prevention of data leaks.

Try it out!
github.com/nocomplexity...

#Pycon #AppSec #CyberSecurity #DataProtection

GitHub - nocomplexity/codeaudit: Codeaudit - Modern Python source code security analyzer based on distrust. Codeaudit - Modern Python source code security analyzer based on distrust. - nocomplexity/codeaudit

Cyber protection can be better and simpler. SBOMs describe what ends up in a software, not how it got there. Having a SBOM does not make your software secure! Doing a SAST scan on software before using, is simple and gives real insights.

Code does not lie.
github.com/nocomplexity...

#pydata

From Vulnerable to Verifiable: Master Python File I/O Today How To Open a file securely

From Vulnerable to Verifiable: Master Python File I/O Today
How To Open a file securely

open.substack.com/pub/nocomple...

#pycon #pydata #owasp #infosec

GitHub - nocomplexity/codeaudit: Codeaudit - Modern Python source code security analyzer based on distrust. Codeaudit - Modern Python source code security analyzer based on distrust. - nocomplexity/codeaudit

Never trust #Python importlib.import_module in programs of others!

Allowing dynamically module imports makes it easy to execute arbitrary code.

Possible mitigation:Use the Python Code Audit to check the code upfront! github.com/nocomplexity...

#security #infosec #owasp #vulnerability

#fosdem 2026 was again a great party for all #FOSS addicts.

FOSDEM is still the #1 FOSS conference for developers to learn and meet like-minded people.

This year with a great talk of @agoose77.bsky.social on things possible with #JupyterBook (version 2!)
Check it out on jupyterbook.org

Many Python code weaknesses are detected in the #Open Source Python SAST tool, Python Code Audit

github.com/nocomplexity...

#fosdem #pydata #infosec #owasp

Security Reference Architecture Develop superior security solutions with greater speed and efficiency. Leverage proven, open-source frameworks for your specific requirements.This Playbook is designed to help you navigate and resolve...

I checked more than 1200 URLs on validity. Great new input is added!

This guide is to solve your most complex security challenges using practical, proven strategies.

Free at nocomplexity.com/documents/se...
Or as PDF on

nocomplexity.gumroad.com/l/SecurityAr...
#infosec #fosdem #cybersecurity

Why ‘Zero Trust’ is Mostly Just Zero Transparency FOSS: The Only Cybersecurity You Can Actually Trust.

Why ‘Zero Trust’ is Mostly Just Zero Transparency

FOSS: The Only Cybersecurity You Can Actually Trust? Still never trust, always verify!
open.substack.com/pub/nocomple...

#trust #gpl #foss #opensource #cybersecurity

From Hours to Seconds: Automating Python Security with AI? The Truth About AI Python Security Tools: A Balanced Deep Dive.

From Hours to Seconds: Automating Python Security with AI?

The Truth About AI Python Security Tools: A Balanced Deep Dive.

open.substack.com/pub/nocomple...

#fosdem #python #gemeni #openai

Defence in Depth in Python Security: Why Using Multiple SAST Tools Matters Defence in depth is a core security principle that relies on multiple, independent security controls.

Defence in Depth in Python Security: Why Using Multiple SAST Tools Matters

open.substack.com/pub/nocomple...

#python #security #gpl #foss

How to Stop Directory Traversal Attacks in Python The Danger of Directory Traversal

How to Stop Directory Traversal Attacks in Python -
The Danger of Directory Traversal

open.substack.com/pub/nocomple...

#python #appsec #programming

a penguin wearing glasses has a stack of books on his head and the words always be learning behind him ALT: a penguin wearing glasses has a stack of books on his head and the words always be learning behind him

Sha256 algorithm explained, The Illustrated TLS 1.3 Connection, OWASP Juice Shop and more free #CyberSecurity courses!

nocomplexity.com/documents/se...

Input? Let me know!
#owasp #free #Learning

GitHub - nocomplexity/codeaudit: Codeaudit - Modern Python source code analyzer based on distrust. Codeaudit - Modern Python source code analyzer based on distrust. - nocomplexity/codeaudit

I advocate for ‘simple’ Open Cybersecurity solutions. At minimum, this means #opensource software with maintainable code and a security.md file that makes reporting vulnerabilities possible in under 10 seconds!

github.com/nocomplexity...

#fosdem #security #pycon

DO NOT rely on SAST #security scanners that are powered by AI-agents to solve cyber security problems!

Most are just far from good enough.

In the best case scenario, you’ll only be disappointed. But the risk of a false sense of security is enormous.

Use github.com/nocomplexity...

A Data-Driven Analysis of PyCon Talks on security According to many statistics, Python is the number-one programming language in use today, largely due to the rise of AI and machine learning research, data analysis, and related applications.

I was curious to know how many security-related talks are held at large Python conferences, so I analysed the largest PyCon conferences of the last few years.

open.substack.com/pub/nocomple...

#pycon #owasp #appsec

The Fastest Way to Validate External Python Modules The Secret to Instant Security Validation Without the Headache

The Fastest Way to Validate External Python Modules
Instant #python Security Validation Without a #Headache

open.substack.com/pub/nocomple...

#cyber #pycon #appsec #owasp

Python Code goes through parsing, complication and execution. Python's execution model combines interpretation with compilation.

Python’s popularity make it a target for malicious actors:

Python code is not secure by default!

codeaudit.nocomplexity.com
#CPython #owasp #pycon

#python #programming #coding #cybersecurity

Python security is gaining attention due to the still rising usage. Python can be considered a secure language, yet Python applications are susceptible to common security flaws.

github.com/nocomplexity...

#pycon #fosdem #owasp