Securing legacy code can be tricky, here's a few "quick hits" to get you started
Defaulting to secure settings in your tools helps keep the world a safer place
Passwords are a thorn in the security of any application. How can we fix this?
Good validation practices on incoming data can save lots of trouble down the line.
Authorization in your Twig templates doesn't have to be tricky.
Proper risk evaluation can minimize the impact an attack can have on your apps.
Property-based policy evaluation is a more flexible alternative to the usual hard-coded checks
Why isn't application security taught as a beginner concept?
The Securing PHP ebook series helps introduce you to basic security concepts and some of the
most common security issues in web applications.
websec.io is dedicated to educating developers about security with topics
relating to general security fundamentals, emerging technologies and PHP-specific
We believe an informed developer is a secure developer.
You can follow us at:
Copyright Websec.io © 2016 All Right Reserved.