Treat with sensitive information is a must. But every so often, it is not easy. Today we’ll review the secure secret manager and an easy way to use, a light way solution for some scenarios and local scripts. TL;DR What’s a Secure Secret Storage A vault is a secure storage for saving sensitive data, like passwords…

Efficient memory usage in Python with Zero-copy Python has a lot of magic with memory under the hood and, in most cases, Inefficiently. A simple task that reads a file in chunks is inefficient if you don’t take some things in the count. Let’s say we have this code: The reading operation allocates 10 MB, and…

Today I start a new series of posts with my favorite Python libraries. I’ll share with you those that, I think, is most interesting. In this post, I’ll present the library: Prompt Toolkit. If you like CLI and terminals for writing your tools, You’ll like this library. https://python-prompt-toolkit.readthedocs.io/en/master/index.html This library, in a few words With Prompt…

Making regular expressions (REGEX) is sometimes an arduous task. If we need to create a REGEX that matches a set of words, we need to analyse them and include all the necessary conditions to match them. It’s very common in Web Apps, filters, or something else that has to match…

There are many libraries for measuring the performance of Python code. These tools are called profiling tools. Even the Python core library has its own, it’s a bit cumbersome to use it, and, usually, they were not created for living with our production code. Some examples are: timeit profile cprofile …

In a C.I. / C.D. pipeline is very a common task to use environment variables as a way to store service credentials (like AWS Secret keys or database user/password). Most used and well-known automation systems have specific features to manage sensitive information. In this post, I’ll cover the four most…

Today I’ll talk about an old-new attack that can affect your production systems: a Zip bomb. This concept is not new. Following Wikipedia first time Zip Bomb concept was mentioned was in 2001. TL;DR The idea of the Zip bomb is very simple. An attacker can create a special version of…

A lot of was written about Docker security and how to create secure Dockefiles. You can reach on Google about security tips and best practices. This is nice but still there’s a big problem to solve: how to automate the security checking. Steps for building a Docker image Create a docker image have two steps: Write…

This is the first post of a serie about DevSecOps. We’ll discuss about (in)security in DevSecOps process. Today we’ll check security in building process when you need external GIT. GIT in the CI process Cloning GIT repositories is an usual task for a CI pipeline when you’re building artefacts. Some programming languages do more use…