The Best Practices for OSS Developers working group is dedicated to raising awareness of secure coding best practices and educating open source developers about them.
Our friends at Ericsson have developed a set of code examples and guidance grounded in the MITRE CWE framework (https://cwe.mitre.org/). This work was originally inspired by SEI CERT's secure coding material, with the intention of translating it to Python to educate new and experienced developers and to enable future automation with valid code examples.
We intend to meet every two weeks to discuss and develop this idea together, with the ultimate goal of having a useful artifact that developers can easily leverage (as close to the IDE as possible) and that enables tooling and automation to identify these types of coding errors.
The initial seed for this idea will grow from: https://github.com/Ericsson/secure_coding_one_stop_shop_for_python