Defensive Programming for PHP Security

Course Description

This course covers how to design, build, and integrate with frameworks and native PHP functionality to secure applications. It is geared toward lead developers or developers with a strong interest in security, or the need to resolve threat model, secure code review, or penetration test reports. It provides students with the knowledge and skills required to protect data and applications from attack. By the conclusion of this course, students will understand how to design and implement security functionality, and how to leverage native PHP and common frameworks to secure their applications.

Learning Objectives

  • Authenticate users, including using modern JWT SSO, and integrate with two-factor authentication
  • Store sensitive state securely on the server
  • Build and enforce access control policies, including implementing role-based access control, as well understand capabilities-based access control, which is heavily used in mobile applications
  • Implement a full range of input validation and output encoding to avoid common pitfalls such as XSS and DOM XSS, and SQL injection
  • Design and implement secure storage of sensitive data
  • Configure PHP securely

Details

Delivery Format: eLearning

Duration: 1 3/4 hours

Level: Intermediate

Intended Audience:

  • Back-End Developers
  • Front-End Developers
  • Architects

Competencies: Working knowledge of Zend or Symfony framework is helpful but not required

Prerequisites: 

Get more course information


250 / 250

More courses you might like