Our Mission

websec.io is dedicated to educating developers about security with topics relating to general security fundamentals, emerging technologies and PHP-specific information.

We also offer security consulting services for PHP and general application security needs.

If there's a topic you don't see here and would like to read about (or would like to write an article) let us know!


Looking for more information about securing PHP-based applications? Check out the Securing PHP ebooks:

Tagged: coreconcepts


   Core Concepts: Access Control (A Primer)
Good access control systems (and its management) are key to an application's security.
by Chris Cornutt #access #control #coreconcepts

   Core Concepts: Trust Boundaries
Trust boundaries are the gatekeepers for data in your applications.
by Chris Cornutt #coreconcepts #threat #boundary

   DREADing Your Security
Using the DREAD threat modeling framework you can get a better view of the risk of your application.
by Chris Cornutt #dread #threatmodel #rating #coreconcepts

   Core Concepts: Attack Surface
Knowing the exposed points of your application can help heighten your security and defenses.
by Chris Cornutt #coreconcepts #attack #surface

   Core Concepts: Attack Patterns
Attack patterns provide a common language to refer to threat types and methods of attack.
by Chris Cornutt #attack #pattern #coreconcepts

   Core Concepts: Defense in Depth
Part of the "Core Concepts" series, examines the "Defence in Depth" thought pattern to secure your app.
by Chris Cornutt #coreconcepts #defenseindepth