Web Admin Blog

Real Web Admins. Real World Experience.

Entries Tagged ‘php’

Enterprise Risk Management for the Masses

A couple of years ago I decided, along with support from my management, that Enterprise Risk Management would become a focal point for my Information Security Program.  I was convinced that framing vulnerabilities in the form of risks was essential to giving management visibility into issues they currently didn’t know existed and to give our […]

A XSS Vulnerability in Almost Every PHP Form I’ve Ever Written

I’ve spent a lot of time over the past few months writing an enterprise application in PHP.  Despite what some people may say, I believe that PHP is as secure or insecure as the developer who is writing the code.  Anyway, I’m at the point in my development lifecycle where I decided that it was […]

Coding Secure with PHP – OWASP AppSec NYC 2008

This presentation was by Hans Zaunere, Managing Member, and it is entitled “PHundamental Security – Ecosystem Review, Coding Secure with PHP, and Best Practices”.  Take a look at http://www.nyphp.org/phundamentals/ for the ongoing guide and best practices.  Guru Stefan Esser recently presented an excellent talk at Zendcon. Security fundamentals are common across the board.  Different environments […]