13 au 15 mars, 2019
Hôtel Bonaventure

PHP Application Security

PHP Application Security

Web security is an ever-changing landscape. Protect your infrastructure and your sensitive data with this 1-day training. We'll start with the theory behind application hardening. We will then go through a multitude of common vulnerabilities, along with concrete examples. We will implement solutions together in PHP. We'll finish with an interactive risk assessement session.

This training includes the OWASP top 10 and satisfies PCI DSS Requirement 6.5.

Course outline:

  • Application hardening basics
  • Injection
  • Broken Authentication
  • Sensitive Data Exposure
  • XML External Entities (XXE)
  • Broken access control
  • Security misconfiguration
  • Cross-site scripting (XSS)
  • Insecure deserialization
  • Using components with known vulnerabilities
  • Insufficient Logging & Monitoring
  • Buffer overflows
  • Cross-site request forgery
  • Vulnerability identification and classification
  • Threat modeling

Anna Filina


I am a web developer, team lead, project rescue expert, Pluralsight author, public speaker and former conference organizer. I enjoy realizing seemingly impossible things. I have been coding since 1997.

Read More


Veuillez rester constructifs et courtois. Les commentaires seront modérés.