Posts marked with “security”

Security Corner: Access Control and Authorization

by · May 2, 2019


Proving the identity of a user isn’t the end of an application’s responsibilities: you must also verify the user is allowed to perform the actions they’re attempting. Conflating authentication (the act of identifying users) with authorization (the act of verifying their level of access within the system) is one of the most common ways applications have been breached in the recent past.

 

Meet the php[tek] Security Chairs

by · April 15, 2019


We’ve re-imagined the format of php[tek] this year in response to feedback from past attendees. We kept hearing a desire for a more cohesive, curated conference schedule which allows speakers to dig deeper into a topic than a general 50-minute talk permits. So we’re organizing the talks into eight focused tracks, where one talk builds […]

 

Security Corner: The Risk of Lists

by · April 3, 2019


The OWASP Top Ten is required reading for anyone in software development, regardless of whether or not your role focuses on security. It’s a useful guide to get you started thinking from a strong security mindset. Be careful, however, to avoid thinking the list is exhaustive or provides comprehensive security for your application or system.

 

Security Corner: Intrusion Detection

by · March 4, 2019


Home security systems are an early warning to potential theft or abuse of our personal property. They’re useful because they alert us (and the police) to a problem before the theft happens. Logging and monitoring of our applications and digital systems can similarly help protect our customers and their data. By leveraging an automated intrusion […]

 

Security Corner: Strong Security Stance in the New Year

by · January 7, 2019


January is a month all about setting resolutions for the new year. A new diet. A new budget. A new FOSS contribution goal. In 2019, let’s intentionally focus on keeping our projects safe and taking a strong stance on security.

 

Education Station: The Day the Internet Died

by · November 1, 2018


The more things change, the more they remain the same. We’re taking a 30th Anniversary Tour of the Morris Worm. We’ll find that the same attacks and defenses remain in use today. It behooves us all, as modern software developers, to understand our history.

 

Generics and Project Success – November 2018

by · October 31, 2018


In this issue: Generics in PHP, Maintainable Laravel, Starting with PHP, Project Success, security code reviews, and more

 

Magniphpicent 7.3 – September 2018

by · September 4, 2018


In this issue: Xdebug, Freelancing, Parsing text, MySQL Generated Columns, Gitflow, PhpStorm, and more.

 

Masterful Code Management – August 2018

by · August 3, 2018


In this issue: Xdebug, Freelancing, Parsing text, MySQL Generated Columns, Gitflow, PhpStorm, and more.

 

Navigating State – July 2018

by · July 2, 2018


In this issue: State machines, workflows, parsing text, MySQL without SQL, Continuous Integration, self-hosted git, CakePHP, Password Authentication, Issue Tracking, Algorithms, and more.