OpenStack Summit May 2015 Vancouver has ended
Thursday, May 21 • 1:30pm - 2:10pm
Securing the OpenStack code base with Bandit


Security consistently ranks as the #1 concern when talking with decision makers about cloud adoption.  According to a recent count, OpenStack has 1.6 million lines of Python code.  The success of OpenStack is closely tied to the security of the OpenStack code base. 

Bandit is a Python AST-based code security analyzer from the OpenStack Security Group, designed to pinpoint security issues within Python code bases.  Bandit helps sift through large volumes of code efficiently, rapidly identifying potential flaws - for example, unsafe function calls or the usage of outdated/unsafe libraries.  Bandit also makes it easy to extend capabilities to scan for additional vulnerabilities. 

In this presentation, we’ll go over the design and implementation of Bandit.  We’ll discuss some security vulnerabilities that have been already identified, and how new tests can be contributed.  We’ll also discuss how OpenStack projects can start using Bandit immediately, as well as plans for integration into OpenStack gate tests for the automated security scanning of code submissions.
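As an added illustration of the approach the abstract describes (an AST walk over Python source with pluggable checks that flag unsafe calls), the following minimal scanner is example code written for this page; it is not Bandit's own code and was not part of the talk. The sample module, the check names, the severities and the `register` plugin pattern are all constructed for the example.

```python
import ast

# Constructed sample input: a small Python module with a few call sites a
# Bandit-style checker should flag, plus one it should leave alone.
SAMPLE_SOURCE = '''
import subprocess
import pickle

def run(cmd):
    return subprocess.call(cmd, shell=True)

def load(blob):
    return pickle.loads(blob)

def compute(expr):
    return eval(expr)

def safe(cmd):
    return subprocess.call(["ls", "-l"])
'''

# Plugin registry: each check receives an ast.Call node and returns
# (severity, message) when it finds a problem, or None otherwise.
CHECKS = []

def register(check):
    """Decorator that adds a check function to the registry (hypothetical API)."""
    CHECKS.append(check)
    return check

def dotted_name(node):
    """Resolve `pkg.mod.func` style callee expressions to a dotted string.
    Returns None for callees that are not plain names/attributes (e.g. `f()()`).
    Note: this does not follow import aliases, so `import subprocess as sp`
    would evade the checks below; a production tool tracks those."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = dotted_name(node.value)
        return f"{base}.{node.attr}" if base else None
    return None

@register
def check_eval_exec(call):
    name = dotted_name(call.func)
    if name in ("eval", "exec"):
        return ("HIGH", f"use of {name}() on possibly untrusted input")
    return None

@register
def check_shell_true(call):
    name = dotted_name(call.func)
    if name and name.startswith("subprocess."):
        for kw in call.keywords:
            if (kw.arg == "shell" and isinstance(kw.value, ast.Constant)
                    and kw.value.value is True):
                return ("HIGH", f"{name} invoked with shell=True")
    return None

@register
def check_pickle_load(call):
    name = dotted_name(call.func)
    if name in ("pickle.load", "pickle.loads"):
        return ("MEDIUM", f"{name} deserializes data; unsafe if input is untrusted")
    return None

class Scanner(ast.NodeVisitor):
    """Walks the AST and runs every registered check on each call expression."""
    def __init__(self):
        self.issues = []

    def visit_Call(self, node):
        for check in CHECKS:
            result = check(node)
            if result is not None:
                severity, message = result
                self.issues.append((node.lineno, severity, message))
        # Keep descending: calls can be nested inside other calls' arguments.
        self.generic_visit(node)

def scan(source):
    """Parse `source` and return a list of (lineno, severity, message), sorted by line."""
    tree = ast.parse(source)
    scanner = Scanner()
    scanner.visit(tree)
    return sorted(scanner.issues)

if __name__ == "__main__":
    for lineno, severity, message in scan(SAMPLE_SOURCE):
        print(f"line {lineno}: [{severity}] {message}")
```

Running the block reports three findings on the sample (the `shell=True` call, the `pickle.loads` call and the `eval` call) and stays silent on the list-argument `subprocess.call`, which is the distinction between syntactic pattern matching on the AST and naive text search. Adding a new test is a matter of writing another function and decorating it with `register`.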


Jamie Finnigan

HP Cloud Security
Jamie Finnigan is a member of the Cloud Security team at HP, with responsibility for security of the HP Helion portfolio of OpenStack-based products and services.  Currently in a manager role with service and product-focused responsibilities around security operations, security architecture...

Tim Kelsey

HP Cloud Security
Tim Kelsey is a security engineer at HP Cloud with responsibilities across the Helion portfolio and an emphasis on OpenStack upstream work including ongoing contributions to Barbican, Kite, Anchor, and Bandit.  Tim is an experienced software and systems developer, with demonstrated...

Thursday May 21, 2015 1:30pm - 2:10pm
Room 114/115
