
Anthony Ferrara:
Our Failure As An Industry
May 07, 2013 @ 09:19:34

Anthony Ferrara has a new post on his site today describing what he sees as a failure in our industry - letting security become an afterthought in the development process.

In the April issue of the PHPArch magazine (also published on her blog), Elizabeth Tucker Long wrote a really interesting editorial piece coining a concept she called Security-Driven-Development. She (quite correctly) identified a problem in the current development community where security has become an after-thought (if it's thought of at all). This isn't a new concept, in fact it's a concept that I and many others have been preaching for quite a while now. However I've been coming to realize that I've had it wrong the whole time. And I think the entire industry is getting it wrong today.

He discusses the current state of web application development and how, even with more powerful technologies than ever, we still fall short in security testing. He argues that the current way of doing things - treating security testing as a "throw it over the wall" or "someone else's job" problem - needs to stop. Security needs to be integrated with development, and he suggests that managers and developers of open source projects should take the lead.


Link: http://www.lornajane.net/posts/2013/setting-multiple-headers-in-a-php-stream-context


All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework