COD 815: Creating Secure Code - PHP
Secure coding is the process of reducing the susceptibility of code to vulnerabilities. This course gives developers an in-depth immersion into secure coding practices with an emphasis on the security features and pitfalls of the PHP programming environment. To complement the knowledge and techniques presented, it includes hands-on labs on implementing secure solutions in PHP and real-world examples of how to find, fix, and prevent vulnerabilities.
Upon completion of this class, participants will be able to:
- Understand the most common flaws in web applications and how to address them
- Understand the risks involved with using XML
- Describe ways of handling private data security within an application
- Understand how to create strong input validation and output sanitization within web applications
- Understand the basics of cryptography
- Understand how to secure data access within an application
Building Secure Web Applications in PHP
This module introduces participants to the challenges surrounding the construction of web applications, such as input/output, authentication/authorization and secure session management.
Using XML Securely
This module introduces the security issues surrounding XML and how to implement secure application behavior when reading and writing XML.
Privacy and Secrets
This module describes the need for maintaining confidentiality and how regulations impact this process. It also covers topics, such as outbound passwords and random number generation.
Input Validation and Output Sanitization in PHP
This module describes the need for validating input from all sources and performing output sanitization to protect the users of an application.
Logging and Exception Handling in PHP
This module presents the process of logging securely and how proper exception handling creates a more secure
Intro to Cryptography
This module provides a high level overview of cryptography basics, including symmetric and asymmetric encryption, and secure hashing.