From the course: Secure Coding in Python


Installing software with due caution


Let's talk about vulnerable or outdated components, which is number six in the OWASP Top 10 vulnerabilities list. Now, when we use open source software, especially when we have great package managers, it can be tempting to install lots of packages to pretty much solve any problem that comes our way. But not being careful about this means we can install vulnerable software. Whenever I install a third-party package or some open source software, I tend to ask myself, "Would I pay $500 for this software?" Having this notion that I would have to pay for it makes me think twice about whether I really need this, and is a good way to avoid clutter. It's also a good idea to check how vulnerable this package is before you install it, and there are some excellent tools out there to help you out. One of these tools is the Open Source Advisor by Snyk, and you can use it for Node.js (npm), for Go, or for Docker. I'm going to use it for the Python package manager, and I'm going to type in a…
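The check described above, auditing a package and its version against known advisories before installing, can be scripted. The block below is an added example, not the course's own code and not the Snyk Advisor tool: it parses a pinned `requirements.txt`, normalizes package names the way PyPI does, and matches each pinned version against an embedded advisory list. The advisory entries, their `EXAMPLE-…` ids and the package names are constructed placeholders; a real audit (Snyk Advisor, `pip-audit`, the OSV database) would pull the same shape of data from a live source. Version comparison is simplified to dotted numeric releases, so pre-release tags are deliberately left unparsed and reported rather than guessed at.

```python
"""Audit pinned Python requirements against an embedded advisory list.

Added example for the "check before you install" step; not course code.
Advisory data below is constructed for the demonstration.
"""
import re
from typing import Dict, List, Tuple

# Constructed advisories: ids and package names are placeholders, not real findings.
# "introduced" is the first affected version (inclusive), "fixed" the first safe one (exclusive).
ADVISORIES: List[Dict[str, str]] = [
    {"id": "EXAMPLE-0001", "package": "examplelib", "introduced": "1.0.0", "fixed": "1.4.2",
     "summary": "placeholder: unsafe deserialization of untrusted input"},
    {"id": "EXAMPLE-0002", "package": "demo-http", "introduced": "0", "fixed": "2.1.0",
     "summary": "placeholder: header injection via unvalidated values"},
]

# Only exact pins with a purely numeric dotted version are accepted as auditable.
PIN_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*==\s*([0-9]+(?:\.[0-9]+)*)$")


def normalize_name(name: str) -> str:
    """PEP 503 name normalization: case-insensitive, runs of '-', '_' and '.' are equivalent."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '1.4.0' into a comparable tuple; trailing zeros are dropped so 1.4 == 1.4.0."""
    parts = [int(p) for p in version.split(".")]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)


def parse_requirements(text: str) -> Tuple[Dict[str, str], List[str]]:
    """Return ({normalized_name: version} for exact pins, [lines that could not be pinned])."""
    pinned: Dict[str, str] = {}
    unpinned: List[str] = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and surrounding whitespace
        if not line:
            continue
        match = PIN_RE.match(line)
        if match:
            pinned[normalize_name(match.group(1))] = match.group(2)
        else:
            unpinned.append(line)  # ranges, extras, pre-releases: flag, do not guess
    return pinned, unpinned


def is_affected(version: str, introduced: str, fixed: str) -> bool:
    """True when introduced <= version < fixed."""
    v = parse_version(version)
    return parse_version(introduced) <= v < parse_version(fixed)


def audit_requirements(text: str, advisories: List[Dict[str, str]] = ADVISORIES) -> Dict[str, List[str]]:
    """Match every pinned requirement against the advisory list.

    Returns {"vulnerable": [...descriptions...], "unpinned": [...raw lines...]}.
    Unpinned lines are reported because they cannot be audited against a fixed version.
    """
    pinned, unpinned = parse_requirements(text)
    findings: Dict[str, List[str]] = {"vulnerable": [], "unpinned": unpinned}
    for adv in advisories:
        name = normalize_name(adv["package"])
        if name in pinned and is_affected(pinned[name], adv["introduced"], adv["fixed"]):
            findings["vulnerable"].append(
                f"{adv['id']}: {name}=={pinned[name]} (fixed in {adv['fixed']}) - {adv['summary']}"
            )
    return findings


# Constructed requirements file for the demonstration.
SAMPLE_REQUIREMENTS = """\
examplelib==1.3.0          # inside the affected range of EXAMPLE-0001
Demo_HTTP==2.1.0           # exactly the fixed version of EXAMPLE-0002: clean
requests>=2.0              # a range, not a pin: cannot be audited
"""

if __name__ == "__main__":
    result = audit_requirements(SAMPLE_REQUIREMENTS)
    for entry in result["vulnerable"]:
        print("VULNERABLE", entry)
    for entry in result["unpinned"]:
        print("UNPINNED  ", entry)
```

Running the block prints one `VULNERABLE` line for `examplelib==1.3.0` and one `UNPINNED` line for `requests>=2.0`; the exact-pin-only rule is the point, because a version range gives the auditor nothing fixed to compare against, and an un-normalized name (`Demo_HTTP` versus `demo-http`) would otherwise slip past the match.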
