With security (finally) taking its rightful place within the PHP development world, a new phenomenon is occurring that negates all the hard work and energy devoted to making security a hot issue for developers.
This phenomenon is more commonly known as “tunnel vision”. The energy expended to make developers more aware of best practices for secure application development is wasted when a company doesn’t look beyond the coding phase of software development.
For secure application development to work, a company-wide strategy is required to implement security for an application. Starting at the requirements phase, throughout coding, testing & implementation and beyond, security is as big a factor as QA, usability and whatnot.
In this session I plan to address the more common errors made with secure application development and the best practices companies can use to make sure they are giving security the attention it so desperately deserves.
Robert van der Linde is a PHP software engineer at Sogeti Netherlands. As a Zend-certified engineer with a keen interest in security, he is the foreman of Sogeti’s company-wide security initiative (PaSS).
In his free time Robert loves breaking things, be it software or hardware, taking long walks in the basement and all things closet geeks do to try and fit in with the ‘normal’ people.