Python

Supported versions

Agents can only be installed in Linux environments. Windows is not supported.

Application Security's Python agent is compatible with the following packages:

Component Version
Python 3.5 to 3.8
Django 2.0 to 3.2
Flask 0.11 to 2.0
Pyramid 1.6 to 2.0
Tornado 5.1 to 6.1

supported on Python 3.7+

Code protection features

Some of the code protection features are enabled only when specific components are used in the application. The table below lists the required components for a code protection feature to be enabled.

Feature Requires
SQL Injection
  • WSGI based web-server
  • Chaussette WSGI server 1.3+
  • Mysqlclient 1.3 to 2.0
  • psycopg2 2.7 to 2.9
  • pymssql 2.1 to 2.2
  • PyMySQL 0.7 to 1.0
  • sqlite3
Remote Command Execution
  • WSGI based web-server
  • Chaussette WSGI server 1.3+
  • Django 2.0 to 3.2
  • Pyramid 1.6 to 2.0
  • Tornado 5.1 to 6.1
  • Werkzeug
  • AWS Lambda
Remote Command Execution: HTTP Params
  • WSGI based web-server
  • Chaussette WSGI server 1.3+
  • Django 2.0 to 3.2
  • Pyramid 1.6 to 2.0
  • Tornado 5.1 to 6.1
  • Werkzeug
  • AWS Lambda
Illegal File Access
  • WSGI based web-server
  • Chaussette WSGI server 1.3+
Open Redirect
  • WSGI based web-server
  • Chaussette WSGI server 1.3+
  • Django 2.0 to 3.2
  • Flask 0.11 to 2.0
  • Tornado 5.1 to 6.1
Malicious Payload
  • WSGI based web-server
  • Chaussette WSGI server 1.3+
Malicious File Upload
  • WSGI based web-server
  • Chaussette WSGI server 1.3+

Download the agent

The Python agent is available from the Download page.

Install the agent

To install the agent, follow these steps:

  1. Add the Application Security package to requirements.txt:
    trend_app_protect
  2. Run pip to install the package:
    pip install -r requirements.txt
  3. Import the trend_app_protect.start module at the top of your WSGI script:
    import trend_app_protect.start
  4. Do the following to configure the agent key and secret:
    • set the TREND_AP_KEY and TREND_AP_SECRET environment variables. The Key and Secret can be found under Group Settings > Group Credentials.
    • (optional) edit the file trend_app_protect.ini under the root of the project or under /etc (but the environment variables will still take precedence):
[trend_app_protect]
key = my-key
secret = my-secret