
Secure Web Development: PHP Session

Master PHP web application security, from design to deployment.

Objective

PHP is a powerful language enabling rapid development of websites, intranet portals, or business applications. You will learn to avoid the main vulnerabilities related to web applications, as well as those specific to the PHP platform. This training will also allow you to integrate the main best practices into your development cycle to minimize risks and improve the quality of your application. This training covers the essentials of secure development with PHP, from design to deployment.

Specific objectives:

  • Understand the challenges of web application security
  • Know how to use tools to develop securely

Prerequisites

  • Basic development skills
  • Knowledge of the PHP language

General Information

  • Code: DSWPHP
  • Duration: 3 days
  • Schedule: 8:30 AM - 5:30 PM
  • Location: Training Center, Centre Urbain Nord, Tunis

Target Audience

  • System Administrators
  • Developers

Resources

  • Course materials
  • 40% demonstration
  • 40% theory
  • 20% practical exercises

Training Program

  • Day 1
    • Introduction to IT security
    • The security context
    • Risks and impacts
    • PHP overview
    • History: from scripting language to today
    • The PHP ecosystem
    • Main attacks
    • Cross Site Scripting
    • SQL Injection
    • File Inclusion
    • Logical vulnerabilities
    • Race conditions
    • Denial of Service
    • Remote Code Execution
    • Cross Site Request Forgery
    • Session Fixation
  • Day 2
    • Updates
    • System
    • Web applications
    • PHP pitfalls
    • Using the documentation
    • Weak typing
    • Random data generation
    • Timing attacks
    • Serialization
    • Best practices
    • Using Composer
    • PDO and ORMs
    • Frameworks
    • Captchas
    • Securing flows
  • Day 3
    • Development patterns
    • Managing confidential information
    • User input validation
    • Managing redirects
    • Error and exception handling
    • Application deployment
    • Unit testing
    • Continuous integration
    • Deployment system
    • Static code analysis

Do not hesitate to contact our experts for any additional information, a study, or a free quote for an audit service.

Information security is essential for any company that must protect and enhance its information assets.
