In this lesson, you will learn:

  • what Bandit is
  • how to test the security of your code using Bandit
  • Bandit's main configuration options.
You can find the scripts and code for this course within the Automating Python Code Quality repo.

What is Bandit?

Bandit is a security linting tool for discovering security issues in Python code. These include issues such as hard-coded password strings or SSL certificate checking being disabled.

How to Install Bandit

Installation of Bandit is performed by running the following:

poetry add -D bandit


Bandit can be run recursively (via -r) or against a file. Examples of each are shown below:

$ bandit -r .
$ bandit -r dir/*
$ bandit <path/to/file.py>

Let’s say we have the following file:

import requests

requests.get("", verify=False)
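To show the kind of static check that catches the call above, here is an added example (not from the original lesson and not Bandit's own code): a simplified AST scan for requests calls with a literal verify=False, the pattern Bandit reports as B501. The sample source, the function name and the method list are assumptions made for illustration.

```python
import ast

# Assumed list of requests helpers that accept a verify= keyword.
REQUESTS_METHODS = {"get", "post", "put", "delete", "head", "patch", "options", "request"}

# Constructed sample input: one insecure call, one explicit verify=True, one default.
SAMPLE = '''\
import requests

requests.get("https://example.com", verify=False)
requests.post("https://example.com", data={}, verify=True)
requests.get("https://example.com")
'''


def find_disabled_cert_checks(source, filename="<sample>"):
    """Return sorted (line, call) tuples for requests.<method>(..., verify=False)."""
    findings = []
    for node in ast.walk(ast.parse(source, filename=filename)):
        if not isinstance(node, ast.Call):
            continue
        func = node.func
        # Match attribute calls of the form requests.<method>(...)
        if not (isinstance(func, ast.Attribute)
                and isinstance(func.value, ast.Name)
                and func.value.id == "requests"
                and func.attr in REQUESTS_METHODS):
            continue
        for kw in node.keywords:
            # Flag only a literal False; values held in variables are not resolved.
            if (kw.arg == "verify"
                    and isinstance(kw.value, ast.Constant)
                    and kw.value.value is False):
                findings.append((node.lineno, f"requests.{func.attr}"))
    return sorted(findings)


if __name__ == "__main__":
    for line, call in find_disabled_cert_checks(SAMPLE):
        print(f"<sample>:{line}: {call} called with verify=False")
```

This sketch matches only the literal module name requests, so an aliased import (import requests as r) or a verify value passed through a variable is not reported.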