Building Security into your PHP Applications
Security is one of the most important things to keep in mind when developing web applications. Unfortunately, it is also one of the easiest to overlook. Reviewing hundreds or thousands of lines of code may be a daunting task, but it is one that can be avoided if an application is developed with security in mind.
This PHP class presents a comprehensive overview of security and has been designed to equip PHP developers with the knowledge they need to build more secure web applications.
Audience
This course is designed for experienced PHP application developers who want to learn or be reminded of security best practices. It is also appropriate for new PHP developers who want to learn how to build security into the applications they are learning to create.
Prerequisite(s)
Basic knowledge of PHP 5.
Objective
After completing the course, participants will be prepared to:
- Incorporate standard, best practice security measures into their PHP applications.
- Identify the most common types of attack vectors and how best to monitor and guard against them.
Topics Include
- What is Security?
- The Concept of Defense in Depth
- Security's Basic Rules
- Guidelines for Building Secure Web Applications
- Injection Attacks (SQL, XSS, Command, Remote Code)
- XSRF Attacks
- Session Security
- Secure File Uploads
- Creating Secure Configurations
- Password Security
- Sandboxes & Tarpits
- Security through Obscurity
- Security Implications for AJAX
- Filtering for Charsets




