Overview
Explore PHP security advancements in this 43-minute conference talk from AppSecUSA 2015. Delve into the language's evolving focus on secure development practices, with practical code examples, tools, libraries, and best practices for safer PHP applications. Learn about upcoming improvements in PHP 7, community initiatives, and how to implement robust security measures in your PHP projects. Gain insights from Chris Cornutt, an experienced Application Security Engineer, on topics such as password hashing, OpenSSL updates, strict sessions, scalar type hinting, and more. Discover how PHP is redefining its approach to security and equipping developers with the knowledge to create more secure applications.
Syllabus
Introduction
About me
PHP History
Support Schedule
Anthony Ferrara
Composer
Frameworks
Drupal
WordPress
Composer Libraries
Password Hashing
Password Rehash
A Notice
OpenSSL Updates
Default Cipher Order
OpenSSL Settings
HashEquals
Strict Sessions
Scalar Type Hinting
Return Types
Random Library
Uniform Variable Syntax
Unicode
Engine Exceptions
Filtered Unserialize
Why is this important
Educating the users
Questions
Taught by
OWASP Foundation