International PHP Conference
The Conference for PHP and Web Development

Practical Security in Web Applications

Session
Until conference starts:
✓ 2-in-1 conference package
✓ Group discount
✓ Extra specials for freelancers
Register now
Bis Konferenzbeginn:
✓ 5-Tages-Special
✓ Kollegenrabatt
✓ Special Discount für Freelancer
Jetzt anmelden
Thank you for attending
✓ See you in 2022!
Danke für Eure Teilnahme
✓ Bis 2022!
Infos
Tuesday, June 4 2019
10:30 - 11:15
Room:
Salon 2

Explore effective methods to identify & avoid the most common and devastating security pitfalls in Web Applications.

When it comes to an enterprise’s exposure to security vulnerabilities, one could easily argue that its web presence is by far its greatest threat. There are many ways to build vulnerable applications and a few effective ways to "build them right". We’ll instrument you to stay on right side of this equation.

Agenda:

Basic Resources and Tooling

  • We’ll look at the OWASP Top 10
  • Open-Source Code Analysis for your CI/CD
  • Open-Source Security Scanning

Low-level Threat Avoidance

  • Avoiding SQL Injections — Dangers of not properly-using an ORM
  • Avoiding CSRF
  • Avoiding XSS
    • Data Scrubbing
    • Data Rendering

Application Threat Avoidance

  • User Authentication / Password Hashing
  • OAuth Security
  • Resource Access
    • Multi Tenancy: Users & Companies

Architectural Considerations

  • Systems Architecture
  • Credentials Handling

This Session originates from the archive of Diese Session stammt aus dem Archiv von BerlinBerlin . Take me to the program of . Hier geht es zum aktuellen Programm von Munich München .

This Session originates from the archive of Diese Session stammt aus dem Archiv von BerlinBerlin . Take me to the program of . Hier geht es zum aktuellen Programm von Berlin Berlin .

This Session Diese Session originates from the archive of stammt aus dem Archiv von BerlinBerlin . Take me to the current program of . Hier geht es zum aktuellen Programm von Munich München or oder Berlin Berlin .

Stay tuned!

Behind the Tracks of IPC

PHP Core & Coding
Best practices & applications

General Web Development
Broader web development topics

DevOps & Continuous Delivery
Learn about DevOps and transform your development pipeline

Software Architecture
All about PHP frameworks, concepts & environments

Web Security
All about web security

Software Quality
More about software testing tools & strategies

Agile & Company Culture
Getting agile right is so important

Content Management Systems
Sessions on content management systems

#slideless (pure coding)
See how technology really works

PHP Frameworks
All about PHP Frameworks

Docker, Kubernetes, Cloud
Cloud-based & native apps