SECURITY RESEARCH, NEWS & GUIDANCE
Welcome to the Security Ninja website & blog.
We will bring you the latest information and advancements in the area of secure web application development as well as general information security and compliance guidance. Follow us on Twitter and Facebook for the latest updates.
July 2, 2014 | Written by Security Ninja |
While PHP has a bad reputation for being an insecure language, like any programming languages it can be used securely if proper defences are taken. Developing an application using the Secure Development Principles is a great first step to defending your application, but it’s important to implement a defence in depth approach to also lock down the PHP interpreter and server. This can also be a great benefit when you’re required to run 3rd party … Read more
- Lack of input validation leading to SQL Injection and code fix.
- Lack of input validation leading to local file include and code fix.