Secure Coding in PHP Training Boot Camp
What you'll learn
Training overview
This comprehensive three-day Secure Coding for PHP Boot Camp discusses web vulnerabilities through PHP-based examples. You’ll learn concepts beyond the OWASP Top Ten, tackling various injection attacks, script injections, attacks against session handling of PHP, insecure direct object references, issues with file upload and many others.
Both the introduction of vulnerabilities and the configuration practices are supported by a number of hands-on exercises demonstrating the consequences of successful attacks, showing how to apply mitigation techniques and introducing the use of various extensions and tools.
What's included
Everything you need to know
- 90-day extended access to Boot Camp components, including class recordings
- 100% Satisfaction Guarantee
- Free 90-day Infosec Skills subscription (access to 1,400+ additional courses and labs)
- Hands-on cyber ranges and labs
- Knowledge Transfer Guarantee
Syllabus
Training schedule
Day 1
Morning
- CIT security and secure coding
- Nature of security
- IT security related terms
- Definition of risk
- Different aspects of IT security
- Requirements of different application areas
- IT security vs. secure coding
- From vulnerabilities to botnets and cybercrime
- Classification of security flaws
Afternoon
- Web application vulnerabilities
- Basics of cryptography
- Cryptosystems
- Symmetric-key cryptography
- Other cryptographic algorithms
- Asymmetric (public-key) cryptography
- Public Key Infrastructure (PKI)
- Client-side security
- JavaScript security
- AJAX security
- HTML5 security
- PHP security services
- Cryptography extensions in PHP
- Input validation APIs
Day 2
Morning
- PHP environment
- Server configuration
- Securing PHP configuration
- Environment security
- Hardening
- Configuration management
- Advice and principles
- Matt Bishop’s principles of robust programming
- The security principles of Saltzer and Schroeder
Afternoon
- Input validation
- Input validation concepts
- Remote PHP code execution
- MySQL validation errors – beyond SQL Injection
- Variable scope errors in PHP
- File uploads, spammers
- Environment manipulation
Day 3
Morning
- Improper use of security features
- Problems related to the use of security features
- Insecure randomness
- Weak PRNGs in PHP
- Stronger PRNGs we can use in PHP
- Password management – stored passwords
- Some usual password management problems
- Storing credentials for external systems
- Privacy violation
- Improper error and exception handling
- Classification of security flaws
- Time and state problems
- Concurrency and threading
- Concurrency in PHP
- Preventing file race conditions
- Double submit problem
- PHP session handling
- A PHP design flaw – open_basedir race condition
- Database race condition Enroll today: 866.471.0059 | infosecinstitute.com 6
- Denial of service possibilities
- Hashtable collision attack
- Classification of security flaws
Afternoon
- Using security testing tools
- Web vulnerability scanners
- SQL injection tools
- Public database
- Google hacking
- Proxy servers and sniffers
- Exercise – Capturing network traffic
- Static code analysis
Guaranteed results
Our Boot Camp guarantees
100% Satisfaction Guarantee
If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.
Knowledge Transfer Guarantee
If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.
Who should attend
- PHP developers
- Managers, architects and technologists involved in PHP
- Anyone interested in learning more about secure PHP coding
What makes the Infosec Secure Coding for PHP prep course different?
You can rest assured that the Secure Coding for PHP training materials are fully updated and synced with the latest version of the exam. With 20 years of training experience, we stand by our Secure Coding for PHP training with 100% satisfaction guaranteed. This means if you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.
Before your Boot Camp
Prerequisites
You're in good company
Erik Heiss, United States Air ForceThe instructor was able to take material that prior to the class had made no sense, and explained it in real world scenarios that were able to be understood.
Michelle Jemmott, PentagonI really appreciate that our instructor was extremely knowledgeable and was able to provide the information in a way that it could be understood. He also provided valuable test-taking strategies that I know not only helped me with this exam, but will help in all exams I take in the future.
Robert Caldwell, Salient Federal SolutionsThe course was extremely helpful and provided exactly what we needed to know in order to successfully navigate the exam. Without this I am not confident I would have passed.
We're sorry, but Secure Coding in PHP Training Boot Camp has no scheduled dates. However, we’d love to help you get the specialized training you need. Book a meeting with a sales representative today to discuss setting up a course.
Quick facts
- Duration
- 3 days
- Method
- Live online or team onsite
- Level
- 1-3 years of experience
Award-winning training you can trust
Ready to discuss your training goals? We've got you covered.
Unlock team training discounts
If you’re like many of our clients, employee certification is more than a goal — it’s a business requirement. Connect with our team to learn more about our training discounts.
Request Team PricingQuick facts
- Duration
- 3 days
- Method
- Live online or team onsite
- Level
- 1-3 years of experience
Award-winning training you can trust
Explore our top boot camps
