Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Symfony Blog:
Symfony2 Security Audit
Oct 07, 2011 @ 14:04:19

Fabien Potencier (of the Symfony framework project) has posted the results of a security audit that was performed on the framework by SektionEins.

The Symfony2 core team takes security issues very seriously; we have a dedicated procedure to report such issues, and the framework itself tries to give the developer all the features needed to secure his code easily. Thanks to our successful community donation drive, SektionEins performed a security audit on the Symfony2 code earlier this year. The audit is now over and the good news is that the Symfony2 code is pretty solid; only minor problems have been found. They have all been addressed now

Their findings included things like the Request component trusting certain headers, bad regex validation on datetimes, password encoding issues, cookie handling and exception handling issues. Links to the fixes for each are included in the post.

tagged: symfony2 security audit sektioneins framework fix

Link:

ThinkPHP Blog:
SektionEins: joined forces of Stefan Esser/Hardened PHP and Mayflower
May 24, 2007 @ 17:02:00

The ThinkPHP Blog has some new information posted about a collaboration between the Mayflower Group and Stefan Esser (and the Hardened-PHP Project) to create SektionEins.

SektionEins specializes in Web Application Security, supporting every web platform available out there. Of course there is some special knowledge in the area of PHP included and the Chorizo and Consulting experience does add a lot of Web2.0 knowhow.

With SektionEins both Suhosin and Chorizo found a new home. And so does Web Application Security.

Currently, the new service hasn't launched yet, but you can enter your email address to be notified when it's open for business.

tagged: mayflower stefanesser sektioneins mayflower stefanesser sektioneins

Link:

ThinkPHP Blog:
SektionEins: joined forces of Stefan Esser/Hardened PHP and Mayflower
May 24, 2007 @ 17:02:00

The ThinkPHP Blog has some new information posted about a collaboration between the Mayflower Group and Stefan Esser (and the Hardened-PHP Project) to create SektionEins.

SektionEins specializes in Web Application Security, supporting every web platform available out there. Of course there is some special knowledge in the area of PHP included and the Chorizo and Consulting experience does add a lot of Web2.0 knowhow.

With SektionEins both Suhosin and Chorizo found a new home. And so does Web Application Security.

Currently, the new service hasn't launched yet, but you can enter your email address to be notified when it's open for business.

tagged: mayflower stefanesser sektioneins mayflower stefanesser sektioneins

Link:


Trending Topics: