Defensive Programming for PHP Security

Course Description

This course covers how to design, build, and integrate with frameworks and native PHP functionality to secure applications. It is geared toward lead developers or developers with a strong interest in security, or the need to resolve threat model, secure code review, or penetration test reports. It provides students with the knowledge and skills required to protect data and applications from attack. By the conclusion of this course, students will understand how to design and implement security functionality, and how to leverage native PHP and common frameworks to secure their applications.

Learning Objectives

Authenticate users, including using modern JWT SSO, and integrate with two-factor authentication
Store sensitive state securely on the server
Build and enforce access control policies, including implementing role-based access control, as well understand capabilities-based access control, which is heavily used in mobile applications
Implement a full range of input validation and output encoding to avoid common pitfalls such as XSS and DOM XSS, and SQL injection
Design and implement secure storage of sensitive data
Configure PHP securely

Details

Delivery Format: eLearning

Duration: 1 3/4 hours

Level: Intermediate

Intended Audience:

Back-End Developers
Front-End Developers
Architects

Competencies: Working knowledge of Zend or Symfony framework is helpful but not required

Prerequisites:

Download PDF

Get more course information

250 / 250

Defensive Programming for PHP Security

Course Description

Learning Objectives

Details

Get more course information

Corporate Headquarters

Customer Support

Worldwide Location

Legal