Speaking at Dutch PHP Conference 2009
April 28th, 2009 | by Stefan Esser |
I will present a session and a workshop at this year’s Dutch PHP Conference 2009 in Amsterdam. The session is about writing secure PHP applications with the Zend Framework and the workshop is a PHP security crash course for beginners. Don’t expect any magic. If you want to see PHP voodoo you need to attend SyScan Singapore 2009.
Workshop: PHP Security Crash Course
This workshop is meant for PHP programmers that know the basics of PHP but have no or only a bit insight into the security problems they have to deal with when developing web applications. During the workshop the most important subjects of web application security will be introduced, which are:
- Input filtering
- Cross Site Scripting (XSS)
- Cross Site Request Forgery (CSRF)
- SQL Injection
- Session Managament
- PHP Code Inclusion and Evaluation
Every subject will be introduced from the attacker’s and the programmer’s point of view, because for an effective defense it is vital to understand the tricks of the offense.
Session: Secure Programming with the Zend Framework
More and more PHP developers are using the Zend Framework when developing new applications. Because of guidelines and features of the framework the process to develop secure PHP applications changes.This session will introduce which features of ZF help to develop secure applications, how they are used and what security problems you still have to solve on your own.
See you in Amsterdam between 11th and 13th June.