COD 815: Creating Secure Code - PHP

Live Training English
Duration: 1 or 2 days | Course is offered in English

Course Overview

Secure coding is the process of reducing the susceptibility of code to vulnerabilities. This course gives developers an in-depth immersion into secure coding practices with an emphasis on the security features and pitfalls of the PHP programming environment. To complement the knowledge and techniques presented, it includes hands-on labs on implementing secure solutions in PHP and real-world examples of how to find, fix, and prevent vulnerabilities. 

Upon completion of this class, participants will be able to:

  • Understand the most common flaws in web applications and how to address them
  • Understand the risks involved with using XML
  • Describe ways of handling private data security within an application
  • Understand how to create strong input validation and output sanitization within web applications
  • Understand the basics of cryptography
  • Understand how to secure data access within an application

Course Modules

Building Secure Web Applications in PHP

This module introduces participants to the challenges surrounding the construction of web applications, such as input/output, authentication/authorization and secure session management.

Using XML Securely

This module introduces the security issues surrounding XML and how to implement secure application behavior when reading and writing XML.

Privacy and Secrets

This module describes the need for maintaining confidentiality and how regulations impact this process. It also covers topics, such as outbound passwords and random number generation.

Input Validation and Output Sanitization in PHP

This module describes the need for validating input from all sources and performing output sanitization to protect the users of an application.  

Logging and Exception Handling in PHP

This module presents the process of logging securely and how proper exception handling creates a more secure
web application.

Intro to Cryptography

This module provides a high level overview of cryptography basics, including symmetric and asymmetric encryption, and secure hashing.