• 708.689.0131
  • Contact us
  • Login
Infosec Logo
  • Infosec Logo
  • Products
  • Solutions
  • Resources
  • Company
  • Product overview
  • Infosec IQ logo Security awareness & culture
  • Infosec Skills logo On-demand training & cyber ranges
  • Infosec Skills Live Boot Camps logo On-demand training & cyber ranges
  • Infosec IQ overview
  • Security awareness training
  • Phishing simulator
  • Reporting & assessments
  • Integrations & automation
  • Global administration
  • Browse all training
  • Pricing & features
  • Demo
  • Infosec Skills overview
  • Role-guided training
  • Infosec Skills Teams
  • Cyber ranges & labs
  • Certifications & CPEs
  • Skill assessments
  • Browse all training
  • Pricing & features
  • Book a meeting
  • Live boot camps
  • Infosec Institute certifications
  • DoD 8570 certifications
  • Get team boot camp pricing
  • View boot camp schedule
  • Book a meeting
  • Pre-built training plans
  • Compliance, industry & role-based training
  • Custom education
  • Personalized learning
  • Languages
  • Gamified learning
  • 1000+ phishing templates
  • Simulation types
  • Phishing email reporter
  • Dashboard reports
  • Security culture survey
  • Assessments
  • Learner analytics
  • Learner management
  • Threat response orchestration
  • Integrations
  • 52 NICE Work Roles
  • SOC Analyst
  • Cloud Security Engineer
  • Security Manager
  • ICS Security Practitioner
  • Security Engineer
  • Penetration Tester
  • Digital Forensics Analyst
  • Information Risk Analyst
  • Security Architect
  • Secure Coder
  • Boot camp overview
  • CISSP Boot Camp
  • Security+ Boot Camp
  • Ethical Hacking Boot Camp
  • CCNA Dual Cert Boot Camp
  • CASP+ Boot Camp
  • CCSP Boot Camp
  • CISM Boot Camp
  • CySA+ Boot Camp
  • PMP Boot Camp
  • Browse all boot camps
Choose Your Own Adventure

Security awareness games by Infosec

Click to Play

On-demand training for every cybersecurity role

Download Catalog

Certification training from industry experts

Get Pricing
  • Solutions overview
  • By organization type
  • By need
  • For business teams
  • For government & contractor teams
  • For MSPs & resellers
  • Security awareness
  • Phishing simulation
  • Technical skill development
  • IT certification
  • Compliance & framework
  • CMMC certification

    2021 IT & Security Talent Pipeline Study

    Download Now
    • Cyber Work
    • Webcasts
    • Case studies
    • Reports & whitepapers
    • Blog
    • Community
    • Infosec Inspire
    • Free tools
    • Cyber Work Podcast
    • Cyber Work Applied
    • Infosec Insiders
    • TechExams
    • YouTube
    • LinkedIn
    • Facebook
    • Twitter
    • Phishing Risk Test
    • Security awareness ROI calculator
    • Security awareness training plans
    • Security awareness buyer’s guide

      Cyber Work Podcast

      New cybersecurity career conversations every week

      Listen Now
      • About us
      • Events & webcasts
      • Careers
      • Scholarships & awards
      • Infosec Gives
      • Infosec Gives Partner Program
      • About us
      • Leadership
      • Newsroom
      • Recognition
      • Industry alliances
      • Infosec Hall of Fame
      • Infosec Security Awareness Awards
      • Infosec Accelerate Scholarship Program

        We’re hiring!

        Join a team dedicated to making a difference.

        Get To Know Us

        Secure Coding in PHP Training Boot Camp

        Learn how to make PHP applications resistant to attacks from security issues around JavaScript, Ajax and HTML5. This boot camp is designed for PHP developers that require effective, real-world, secure programming skills they can implement immediately at the workplace.

        View Pricing Book a Boot Camp

        Learn secure PHP

        • Three days of expert, live Secure Coding for PHP training
        • 100% Satisfaction Guarantee
        • Free annual Infosec Skills subscription ($299 value!)
        • 1-year access to all boot camp video replays and materials
        • Hands-on cyber ranges and labs
        • Knowledge Transfer Guarantee

         

        View full course schedule

        Training overview

        This comprehensive three-day Secure Coding for PHP Boot Camp discusses web vulnerabilities through PHP-based examples. You’ll learn concepts beyond the OWASP Top Ten, tackling various injection attacks, script injections, attacks against session handling of PHP, insecure direct object references, issues with file upload and many others.

        Both the introduction of vulnerabilities and the configuration practices are supported by a number of hands-on exercises demonstrating the consequences of successful attacks, showing how to apply mitigation techniques and introducing the use of various extensions and tools.

        What you’ll learn

        This boot camp teaches you how poor security practices leave applications open to attack and how to implement the necessary tools, techniques and best practices to write code in a secure manner. It will help develop your knowledge and skills around:

        • Basic concepts of security, IT security and secure coding
        • Web vulnerabilities beyond the OWASP Top Ten and know how to avoid them
        • Various security features of PHP
        • Recent vulnerabilities of the PHP framework
        • Typical coding mistakes and how to avoid them
        • Using security testing tools

        Who should attend

        • PHP developers
        • Managers, architects and technologists involved in PHP
        • Anyone interested in learning more about secure PHP coding

        Prerequisites

        Basic to advanced knowledge of PHP, including experience developing PHP applications, as well as familiarity with Apache, MySQL and SQL.

        Everything you need to learn secure PHP

        • Three days of expert, live Secure Coding for PHP training
        • 100% Satisfaction Guarantee
        • Free annual Infosec Skills subscription ($299 value!)
        • 1-year access to all boot camp video replays and materials
        • Hands-on cyber ranges and labs
        • Knowledge Transfer Guarantee
        View Pricing

        PHP training schedule

        Infosec’s PHP training is more than just a boot camp. We support you before, during and after your live training to ensure you’re fully prepared.

        • Before your boot camp
          • Start learning now. You’ll get immediate access to all the content in Infosec Skills the moment you enroll. Prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.

        • During your boot camp
          • IT security and secure coding

            • Nature of security
            • IT security related terms
            • Definition of risk
            • Different aspects of IT security
            • Requirements of different application areas
            • IT security vs. secure coding
            • From vulnerabilities to botnets and cybercrime
            • Classification of security flaws

            Web application vulnerabilities

            Basics of cryptography

            • Cryptosystems
            • Symmetric-key cryptography
            • Other cryptographic algorithms
            • Asymmetric (public-key) cryptography
            • Public Key Infrastructure (PKI)

            Client-side security

            • JavaScript security
            • AJAX security
            • HTML5 security

            PHP security services

            • ​Cryptography extensions in PHP
            • Input validation APIs

            PHP environment

            • ​Server configuration
            • Securing PHP configuration
            • Environment security
            • Hardening
            • Configuration management

            Advice and principles

            • ​Matt Bishop’s principles of robust programming
            • The security principles of Saltzer and Schroeder

            Input validation

            • Input validation concepts
            • Remote PHP code execution
            • MySQL validation errors – beyond SQL Injection
            • Variable scope errors in PHP
            • File uploads, spammers
            • Environment manipulation

            Improper use of security features

            • ​Problems related to the use of security features
            • Insecure randomness
            • Weak PRNGs in PHP
            • Stronger PRNGs we can use in PHP
            • Password management – stored passwords
            • Some usual password management problems
            • Storing credentials for external systems
            • Privacy violation
            • Improper error and exception handling
            • Classification of security flaws

            Time and state problems

            • ​Concurrency and threading
            • Concurrency in PHP
            • Preventing file race condition
            • Double submit problem
            • PHP session handling
            • A PHP design flaw – open_basedir race condition
            • Database race condition
            • Denial of service possibilities
            • Hashtable collision attack
            • Classification of security flaws

            Using security testing tools

            • Web vulnerability scanners
            • SQL injection tools
            • Public database
            • Google hacking
            • Proxy servers and sniffers
            • Exercise – Capturing network traffic
            • Static code analysis
        • After your boot camp
          • Your boot camp includes a 1-year subscription to Infosec Skills, so you can take additional time to prepare for your exam, get a head start on your next certification goal or start earning CPEs.

        Free PHP training resources

        PHP Lab: File Inclusion attacks

        File inclusion is one of the popular yet old vulnerabilities that are often seen in websites. Learn more.

        See Resources

        PHP Lab: Exploiting SQL Injection

        This article covers exploiting a SQL injection is to identify the vulnerability.

        Learn More

        Preventing and repairing security breaches

        John Torres, president of Guidepost Solutions' Security & Technology Practice, discusses data security breaches, protecting organizations from online and physical threats, and career paths for those looking to pursue a career in cybersecurity.

        Listen Now

        Find your boot camp

        Take the course online?
        Learn more about online
        866.471.0059
        • Today
        • Next week
        • Next month
        See additional dates

        Sign up

        Enroll in a boot camp

          See additional dates
          Infosec logo

          Products

          Infosec IQ Security awareness, culture & phishing simulator Infosec Skills Hands-on skill development & boot camps

          Resources

          Cyber Work Blog Infosec Inspire Events & webcasts

          Company

          Contact us About Infosec Careers Newsroom Partners
          • ©2022 Infosec Institute, Inc.
            • Trademarks
            • Privacy Policy

          Infosec, part of Cengage Group