blog.phpdeveloper.org
Social Security | blog.phpdev
https://blog.phpdeveloper.org/2015/04/30/social-security
Let me preface this by saying I think that sharing knowledge and experiences is a great thing. I love that there’s so many tutorials out there from people showing good practices in security and things they’ve learned along the way. Unfortunately, this is the same place where I see a major downfall. This kind of “social security” is a problem and it needs fixing so secure application development can really thrive. I see two kinds of resources out there: Community resources such as the OWASP wiki. About...
blog.phpdeveloper.org
application security | blog.phpdev
https://blog.phpdeveloper.org/tag/application-security
Let me preface this by saying I think that sharing knowledge and experiences is a great thing. I love that there’s so many tutorials out there from people showing good practices in security and things they’ve learned along the way. Unfortunately, this is the same place where I see a major downfall. This kind of “social security” is a problem and it needs fixing so secure application development can really thrive. I see two kinds of resources out there: Community resources such as the OWASP wiki. About...
blog.phpdeveloper.org
Writing | blog.phpdev
https://blog.phpdeveloper.org/writing
Tutorial: Introduction to Unit Testing in PHP with PHPUnit. Be More Assertive: Getting to Know PHPUnit’s Assertions. Finding Your Way: an Introduction to Geocoding. Implementing Your Own Trackbacks. IDE Review: Ankord’s PHP Expert Editor. IDE Review: Maguma Studio v1.3.2. Intro to the MVC Framework. PHP String Handling Handbook.
blog.phpdeveloper.org
AppSec | blog.phpdev
https://blog.phpdeveloper.org/tag/appsec
Speaking at AppSec USA 2015. It’s always good to step outside of your usual bubble and try something new every once and a while. I recently took this step and submitted for the AppSec USA 2015 conference happening in San Francisco on September. My topic? Here’s my prospectus for those that are interested: PHP Security, Redefined. Come along with me as I guide you through both the language improvements and community encouragement making PHP a more secure place. May 15, 2015. Lone Star PHP Conference.
blog.phpdeveloper.org
development communities | blog.phpdev
https://blog.phpdeveloper.org/tag/development-communities
I’ve been thinking a lot lately about how to try to bring the security and development communities together, most specifically for PHP (see these two. So, take a step back – do you see a problem with this model? Most of these things I’ve listed involve talking at the developers and not with. Is there a solution? In thinking about it some this morning, I see a pretty obvious one – developer outreach. I’ve mentioned this same idea before. But those are still presented as passive resources. Developers,...
websec.io
websec.io -
https://websec.io/tagged/opinion
Is dedicated to educating developers about security with topics relating to general security fundamentals, emerging technologies and PHP-specific information. We also offer security consulting services for PHP and general application security needs. If there's a topic you don't see here and would like to read about (or would like to write an article) let us know. Looking for more information about securing PHP-based applications? Check out the Securing PHP ebooks. Security is for Beginners.
blog.phpdeveloper.org
security | blog.phpdev
https://blog.phpdeveloper.org/category/security
Protecting your application with PropAuth (Property-based Policy evaluation). I’ve been working on a library for a while now that kind of distills down some of the ideas of property-based authorization (like XACML) and makes it a bit more accessible to the average developer. Property-based evaluation can be a little tricky to get your head around if you’re used to the usual RBAC world. Let me introduce it briefly. So, back to PropAuth. First off, to install just use Composer:. Php require once 'vendor/au...
blog.phpdeveloper.org
Developer Security Outreach | blog.phpdev
https://blog.phpdeveloper.org/2015/01/29/developer-security-outreach
I’ve been thinking a lot lately about how to try to bring the security and development communities together, most specifically for PHP (see these two. So, take a step back – do you see a problem with this model? Most of these things I’ve listed involve talking at the developers and not with. Is there a solution? In thinking about it some this morning, I see a pretty obvious one – developer outreach. I’ve mentioned this same idea before. But those are still presented as passive resources. Developers,...
blog.phpdeveloper.org
AppSec USA | blog.phpdev
https://blog.phpdeveloper.org/tag/appsec-usa
Speaking at AppSec USA 2015. It’s always good to step outside of your usual bubble and try something new every once and a while. I recently took this step and submitted for the AppSec USA 2015 conference happening in San Francisco on September. My topic? Here’s my prospectus for those that are interested: PHP Security, Redefined. Come along with me as I guide you through both the language improvements and community encouragement making PHP a more secure place. May 15, 2015. Lone Star PHP Conference.
blog.phpdeveloper.org
OWASP, A PHP Ostrich? | blog.phpdev
https://blog.phpdeveloper.org/2015/01/09/owasp-a-php-ostrich
OWASP, A PHP Ostrich? This focus on the .NET and Java worlds has bled through to other parts of the security community too. Take the Open Web Application Security Project. Have had a few additions and wording changes, but even then there’s quite a bit of information that’s just missing from its content. And noticed something interesting. There is a lot. In fact, the only PHP library the OWASP group has on Packagist is their RBAC. So, what’s my point in all of this? Of the PHP community. They almost h...