Python 3.8 includes new features for security engineers to allow greater insight and awareness when your network is under attack (which is every day). This session will investigate the need for these hooks and how they are used to protect your production servers and your users.
Python 3.8 is about to be released, and hackers are worried. For years, being able to access Python on someone else's machine has meant freedom, power, immunity, and most importantly, reliable cross-platform malware. Some of the most powerful hacking tools are written in Python, and it needs to end.
While the bad guys are worried, the good guys are celebrating. Python 3.8 is bringing some new features through auditing events and the verified open hook. No longer will Python be a black box within your system, but the log stream available through auditing hooks will let you know whenever it is being (mis)used. Being able to verify code files before they are executed allows administrators to detect tampering and ensure the integrity of their system, rather than allowing attackers to infiltrate and persist.
In this session, we will see why hackers love the power and flexibility of Python. We will implement actual auditing hooks to expose their secret acts, and see some of the operating system features that are now available to Python developers. Rather than being a vulnerability in your environment, these features make it an early warning system, helping protect you and your users from the biggest threats in our always-connected world.
Steve is an engineer who tells people about Python and then gives them excuses to use it and great tools to use it with. He is a core contributor and Windows expert for CPython, and works at Microsoft making sure Python developers are well supported across Windows, Azure, and other Microsoft platforms.