Secure PHP

A Blog and Book about Agile PHP Security

Security Anti-Patterns: Free Online Book Chapter

Not all advice on the web is effective. If you can't verify it, don't depend on it.

Content Security Policy and PHP

CSP is your strongest architectual enforcement tool for preventing rogue code execution

How To Include Security Via Agile Process

Tutorial: Use the specs derived from the User Story to drive security

PHP Security Checklist

No one remembers it all. Every project needs a checklist.

A New Way of PHP Security Thinking

A different perspective changes PHP coding....