Application Security Nuts to Bolts
This tutorial is a two-part overview of the security practices that developers building and supporting modern applications should consider. The first part will focus on common security best practices for putting prevention mechanisms in place against common attack vectors such as XSS, SQL injection, and session hijacking.
The second part will focus on the security best practices and solutions designed to address security issues within an application's business and processing logic. It will provide an overview of how to implement these practices securely in an application's data management controls, within ACLs and data models, as well as how to avoid common mistakes and pitfalls.
Ilia Alshanetsky (@iliaa)
Over the last 10 years Ilia has been heavily involved in the development of PHP as a Core Developer and Release Master, authoring many extensions and language improvements. Ilia is also interested in security and performance, and frequently writes and speaks on these and other PHP-related topics. In his spare time, he pretends to be a pro-photographer and engages in various sports.