{"product_id":"security-principles-for-php-applications-a-phparchitect-guide-paperback","title":"Security Principles for PHP Applications: A php[architect] guide - Paperback","description":"\u003cp\u003eby \u003cb\u003eEric Mann\u003c\/b\u003e (Author)\u003c\/p\u003e\u003cp\u003eDiscover how to secure your applications against the vulnerabilities exploited by attackers.\u003c\/p\u003e\u003cp\u003eSecurity is an ongoing process, not something to add right before your application launches. In this book, you'll learn how to write secure PHP applications from first principles. You'll be able to identify the threats exposed by legacy applications and avoid following the same broken patterns while engineering your tools. This book will give you the background to avoid the risk most commonly encountered in web application development.\u003c\/p\u003e\u003cp\u003eThis book is for anyone getting their start in web development. It's for anyone who wants to understand better the common risks that plague newer applications. It's for seasoned developers who want a refresher on the common pitfalls and mistakes that may affect their code. It should be a resource you can turn to when building or maintaining your web application to ensure you're practicing a security-first mindset.\u003c\/p\u003e\u003cp\u003eThis book is divided primarily into two sections. The first covers the ten application security risks presented by the OWASP Top Ten (as of 2017). 
Each chapter in this section will detail: \u003c\/p\u003e\u003cul\u003e \u003cli\u003eThe nature of the vulnerability to be avoided.\u003c\/li\u003e \u003cli\u003eExample code illustrating how the vulnerability might appear in practice.\u003c\/li\u003e \u003cli\u003eA detailed illustration of how to properly patch the vulnerability.\u003c\/li\u003e \u003cli\u003eNotable examples where this vulnerability has impacted business in the wild.\u003c\/li\u003e\n\u003c\/ul\u003eWhy wait until your site is attacked or your data is breached?\u003cp\u003ePrevent your exposure by being aware of the ways a malicious user might hijack your web site or API.\u003c\/p\u003e\u003cp\u003e\u003ci\u003eSecurity Principles for PHP Applications\u003c\/i\u003e is a comprehensive guide to cultivating a security-first mindset. This book contains examples of vulnerable code side-by-side with solutions to harden it. Organized around the 2017 OWASP Top Ten list, topics covered include: \u003c\/p\u003e\u003cul\u003e \u003cli\u003eInjection Attacks such as SQL, OS, and LDAP caused by using untrusted data.\u003c\/li\u003e \u003cli\u003eAuthentication and Session Management to prevent compromising user passwords, keys, and session tokens.\u003c\/li\u003e \u003cli\u003eSensitive Data Exposure: adequately protecting data such as credit card numbers, tax IDs, and authentication credentials\u003c\/li\u003e \u003cli\u003eAccess Control and Password Handling to properly enforce what authenticated users are allowed to do.\u003c\/li\u003e \u003cli\u003ePHP Security Settings to harden the server, framework, and libraries used to build your software.\u003c\/li\u003e \u003cli\u003eAvoiding Cross-Site Scripting flaws by properly validating input and escaping output strings.\u003c\/li\u003e \u003cli\u003eAdequately Logging and Monitoring to identify threats in real-time.\u003c\/li\u003e \u003cli\u003eAPI Protection by detecting, preventing, and responding to manual and automated attacks\u003c\/li\u003e 
\u003cli\u003ePreventing Cross-Site Request Forgery which can trick application users into sending forged HTTP requests.\u003c\/li\u003e \u003cli\u003eUsing components with known vulnerabilities\u003c\/li\u003e \u003cli\u003eInsecure deserialization which can allow attackers to run arbitrary code\u003c\/li\u003e \u003cli\u003eXML External Entities: guarding against injection attacks when parsing XML input.\u003c\/li\u003e \u003cli\u003eGuarding against unvalidated redirects and forwards.\u003c\/li\u003e \u003cli\u003eUsing peer code reviews to identify security issues before they are deployed to production.\u003c\/li\u003e\n\u003c\/ul\u003e\u003cp\u003eWritten by PHP professional Eric Mann, this book builds on his experience in building secure web applications with PHP.\u003c\/p\u003e\n            \u003cdiv\u003e\n\u003cstrong\u003eNumber of Pages:\u003c\/strong\u003e 202\u003c\/div\u003e\n            \u003cdiv\u003e\n\u003cstrong\u003eDimensions:\u003c\/strong\u003e 0.43 x 9.25 x 7.52 IN\u003c\/div\u003e\n            \u003cdiv\u003e\n\u003cstrong\u003ePublication Date:\u003c\/strong\u003e December 18, 2017\u003c\/div\u003e\n            ","brand":"BooksCloud","offers":[{"title":"Default Title","offer_id":52492954599731,"sku":"9781940111612","price":46.15,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0300\/5595\/6612\/files\/Z0ZpS01hZm5tcUdCKzgrZ25NZnh5QT09.webp?v=1759946335","url":"https:\/\/www.vysn.com\/en-ca\/products\/security-principles-for-php-applications-a-phparchitect-guide-paperback","provider":"VYSN","version":"1.0","type":"link"}