Mark Shannon - Is your code tainted? Finding security vulnerabilities using taint tracking
Is your code tainted? Finding security vulnerabilities using taint-tracking.

[EuroPython 2018 - Talk - 2018-07-26 - Kilsyth] [Edinburgh, UK]

By Mark Shannon

"Taint tracking" is a technique used in code analysis to find security vulnerabilities and other problems. Any data that comes from an untrusted source, for example an HTTP request, is treated as "tainted". If that "tainted" data is able to reach a vulnerable part of your code, then you have a problem. Sophisticated code analysis tools can track this data, and reveal potential security problems. Examples of the sort of problem that can be found include cross-site scripting (XSS), code injection, SQL injection and others.

In this talk I will show how taint tracking analysis works in practice, introducing the concepts of source, sink and sanitizer. I will then demonstrate using taint tracking to find an XSS vulnerability in a Django app. (We will choose a project that is designed to teach Django security, where the vulnerability is deliberate.) I will also explain how thinking in terms of "taint" can help you write safer code, even without access to code analysis.

During this talk I will use the code analysis tools on lgtm.com to demonstrate the analysis. lgtm.com is free to use for open-source projects. A paid version is available.

License: This video is licensed under the CC BY-NC-SA 3.0 license: https://creativecommons.org/licenses/by-nc-sa/3.0/

Please see our speaker release agreement for details: https://ep2018.europython.eu/en/speaker-release-agreement/
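The source, sink and sanitizer concepts named in the abstract, shown as an added example that is not code from the talk or from lgtm.com's analysis: a toy flow-insensitive taint tracker built on Python's `ast` module. The sample view and the choice of `request.GET`/`POST`/`COOKIES` as sources, `escape` as sanitizer and `HttpResponse` as sink are assumptions made for illustration.

```python
import ast

# Constructed sample view (not from the talk or any real project).
SAMPLE = '''
def greet(request):
    name = request.GET.get("name", "")
    safe = escape(name)
    if request.GET.get("plain"):
        return HttpResponse("<p>" + safe + "</p>")
    return HttpResponse("<h1>Hello " + name + "</h1>")
'''

# Assumed roles, chosen for illustration:
SOURCE_ATTRS = {"GET", "POST", "COOKIES"}  # request.<attr>: untrusted input
SANITIZERS = {"escape"}                    # e.g. django.utils.html.escape
SINKS = {"HttpResponse"}                   # argument is sent to the browser

def call_name(node):
    f = node.func
    return f.id if isinstance(f, ast.Name) else getattr(f, "attr", None)

def is_tainted(node, tainted):
    """True if evaluating `node` may yield untrusted data."""
    if isinstance(node, ast.Call) and call_name(node) in SANITIZERS:
        return False                       # sanitizer: taint stops here
    if isinstance(node, ast.Attribute) and node.attr in SOURCE_ATTRS:
        return True                        # source
    if isinstance(node, ast.Name):
        return node.id in tainted          # taint carried by a variable
    return any(is_tainted(c, tainted) for c in ast.iter_child_nodes(node))

def find_flows(source_code):
    """Return (line, sink) for every sink call that receives tainted data."""
    findings = []
    tree = ast.parse(source_code)
    for func in (n for n in ast.walk(tree) if isinstance(n, ast.FunctionDef)):
        tainted, changed = set(), True
        # Flow-insensitive fixpoint: over-reports if a tainted name is
        # later reassigned to a sanitized value.
        while changed:
            changed = False
            for a in ast.walk(func):
                if isinstance(a, ast.Assign) and is_tainted(a.value, tainted):
                    new = {t.id for t in a.targets if isinstance(t, ast.Name)} - tainted
                    tainted |= new
                    changed = changed or bool(new)
        for n in ast.walk(func):
            if (isinstance(n, ast.Call) and call_name(n) in SINKS
                    and any(is_tainted(arg, tainted) for arg in n.args)):
                findings.append((n.lineno, call_name(n)))
    return findings
```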