March 13-15, 2019
Montreal, Canada

PHP Application Security

PHP Application Security

Web security is an ever-changing landscape. Protect your infrastructure and your sensitive data with this 1-day training. We'll start with the theory behind application hardening. We will then go through a multitude of common vulnerabilities, along with concrete examples. We will implement solutions together in PHP. We'll finish with an interactive risk assessement session.

This training includes the OWASP top 10 and satisfies PCI DSS Requirement 6.5.

Course outline:

  • Application hardening basics
  • Injection
  • Broken Authentication
  • Sensitive Data Exposure
  • XML External Entities (XXE)
  • Broken access control
  • Security misconfiguration
  • Cross-site scripting (XSS)
  • Insecure deserialization
  • Using components with known vulnerabilities
  • Insufficient Logging & Monitoring
  • Buffer overflows
  • Cross-site request forgery
  • Vulnerability identification and classification
  • Threat modeling

Anna Filina

Filina Consulting

Anna has been a web developer since 1997. In her long consulting career, she developed an expertise in refactoring very old applications to be modern and testable. She is passionate about sharing her skills with fellow developers through her blog, YouTube channel, conferences and various articles. Anna also has an eye for technical debt, for which she then devises strategies that save companies a lot of money.

Read More

Comments

Please remain courteous and constructive. Comments will be moderated.