The chapter explores the challenges posed by third-party code dependencies in software development, emphasizing the risks of arbitrary code execution and malware introduction. It discusses the importance of securing the software supply chain, from source control management to package deployment, and the need to be cautious with third-party plugins in popular IDEs. The conversation highlights the intricacies of software supply chain security, stressing the importance of vetting software components and maintaining vigilance throughout the development process.
We've spoken previously about security and software supply chains, and we are back at it this episode. We're diving in again with Charles Coggins. Charles works at a software supply chain company and is on to give us the insider's and defender's perspective on how to keep our Python apps and infrastructure safe.
Episode sponsors
Sentry Error Monitoring, Code TALKPYTHON
Mailtrap
Talk Python Courses
Links from the show