Chapters:
1. Intro
2. Bandit
3. Command Injection
4. User Input
5. Temp Paths
6. TLS
7. Weak cryptography
8. Promiscuous file permissions
9. Hardcoded credentials
10. tempfile
11. Run Bandit against Ansible
12. Ansible prompt
13. Raw input
14. Essential workflow
15. Removing a bug
16. Build a gate
17. Next steps
18. Metrics
19. Secure Development Guidance
20. Bandit Documentation
21. Questions
Description:
Explore the world of Python code security in this 26-minute conference talk from BSidesSF 2017. Dive into Bandit, an open-source tool for discovering common security flaws in Python code. Learn how Bandit works, its origins in OpenStack, and its widespread adoption beyond. Discover how to customize Bandit for different workflows, create a Security CI pipeline, and extend its capabilities. Follow along as Travis McPeak, a core Bandit developer, guides you through detecting critical security issues like command injection, SQL injection, insecure temporary file usage, and more. Gain insights into essential workflows, bug removal, and building security gates. Explore topics such as user input handling, TLS implementation, weak cryptography, file permissions, and hardcoded credentials. Conclude with next steps, metrics, secure development guidance, and Bandit documentation to enhance your Python code security practices.

When Bandit Strikes - Defend Your Python Code

Security BSides San Francisco