Secure Coding in PHP Training Boot Camp
What you'll learn
Training overview
This comprehensive three-day Secure Coding for PHP Boot Camp discusses web vulnerabilities through PHP-based examples. You’ll learn concepts beyond the OWASP Top Ten, tackling various injection attacks, script injections, attacks against session handling of PHP, insecure direct object references, issues with file upload and many others.
Both the introduction of vulnerabilities and the configuration practices are supported by a number of hands-on exercises demonstrating the consequences of successful attacks, showing how to apply mitigation techniques and introducing the use of various extensions and tools.
What's included
Everything you need to know
- 90-day extended access to Boot Camp components, including class recordings
- 100% Satisfaction Guarantee
- Free 90-day Infosec Skills subscription (access to 1,400+ additional courses and labs)
- Hands-on cyber ranges and labs
- Knowledge Transfer Guarantee
Syllabus
Training schedule
Day 1
Morning
- CIT security and secure coding
- Nature of security
- IT security related terms
- Definition of risk
- Different aspects of IT security
- Requirements of different application areas
- IT security vs. secure coding
- From vulnerabilities to botnets and cybercrime
- Classification of security flaws
Afternoon
- Web application vulnerabilities
- Basics of cryptography
- Cryptosystems
- Symmetric-key cryptography
- Other cryptographic algorithms
- Asymmetric (public-key) cryptography
- Public Key Infrastructure (PKI)
- Client-side security
- JavaScript security
- AJAX security
- HTML5 security
- PHP security services
- Cryptography extensions in PHP
- Input validation APIs
Day 2
Morning
- PHP environment
- Server configuration
- Securing PHP configuration
- Environment security
- Hardening
- Configuration management
- Advice and principles
- Matt Bishop’s principles of robust programming
- The security principles of Saltzer and Schroeder
Afternoon
- Input validation
- Input validation concepts
- Remote PHP code execution
- MySQL validation errors – beyond SQL Injection
- Variable scope errors in PHP
- File uploads, spammers
- Environment manipulation
Day 3
Morning
- Improper use of security features
- Problems related to the use of security features
- Insecure randomness
- Weak PRNGs in PHP
- Stronger PRNGs we can use in PHP
- Password management – stored passwords
- Some usual password management problems
- Storing credentials for external systems
- Privacy violation
- Improper error and exception handling
- Classification of security flaws
- Time and state problems
- Concurrency and threading
- Concurrency in PHP
- Preventing file race conditions
- Double submit problem
- PHP session handling
- A PHP design flaw – open_basedir race condition
- Database race condition Enroll today: 866.471.0059 | infosecinstitute.com 6
- Denial of service possibilities
- Hashtable collision attack
- Classification of security flaws
Afternoon
- Using security testing tools
- Web vulnerability scanners
- SQL injection tools
- Public database
- Google hacking
- Proxy servers and sniffers
- Exercise – Capturing network traffic
- Static code analysis
What makes the Infosec Secure Coding for PHP prep course different?
You can rest assured that the Secure Coding for PHP training materials are fully updated and synced with the latest version of the exam. With 20 years of training experience, we stand by our Secure Coding for PHP training with 100% satisfaction guaranteed. This means if you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.
Infosec success stories
"The team at Infosec was great from the start, and they were as excited about my journey as I was. They explained the value behind each training I was considering and how it could further my goals. Their enthusiasm was a great motivation throughout the boot camp."
Elle Autumn
EC-Council Certified Ethical Hacking Course: CEH Certification Training Boot Camp Read Elle's Story
"Infosec has uniquely prepared me for any CMMC retraining that will take place inevitably in the future. With them, it’s not just about completing the certification; it's about being a true contributor to the ecosystem."
James Ahern
Certified CMMC Assessor (CCA) Boot Camp Read James's Story
"The hands-on training was the best part. You have an instructor you can actually reach out to and ask questions — not only on the material, but also about things out in the wild with cybersecurity."
Eddie Quinones
CompTIA Security+ Certification Training Boot Camp Read Eddie's Story
"The Infosec CISM Boot Camp gave me the ability to intelligently explain why I'm making a decision. Ultimately, the C-suite is happy and they know, 'Hey, here's a person that we can rely on."
Mohammad Mirza
ISACA Certified Information Security Manager (CISM) Training Boot Camp Read Mohammad's StoryGuaranteed results
Our Boot Camp guarantees
100% Satisfaction Guarantee
If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.
Knowledge Transfer Guarantee
If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.
Who should attend
- PHP developers
- Managers, architects and technologists involved in PHP
- Anyone interested in learning more about secure PHP coding
Before your Boot Camp
Prerequisites
Award-winning training you can trust
No available dates
We're sorry, but Secure Coding in PHP Training Boot Camp does not have any scheduled dates. However, we’d love to help you get the specialized training you need. Book a meeting with a representative today to discuss setting up a course.
Why choose Infosec?
Category
Infosec
SANS Institute
Training Camp
Global Knowledge (Skillsoft)
AI-powered, hands-on skill validation
12 Roles
Integrated for all roles
90 days
*Protects your investment if trained employees leave within three months of obtaining certification (Infosec will train a different employee at the same organization tuition-free for up to one year).
Explore our top boot camps
