Menu
I've started reading a book on PHP security (but it's really all theoretical not so much practical) and have it in my plan to read Chris Shiflett's and Schenider's blogs, but does anyone know of a formal course that I can attend or even get a certificate that proves I know how to write secure PHP code?
Edit: I got a lot of answers, some of which don't answer my question. So I'm quoting ircmaxell's comment because it really hits the point.
While I agree with the cert not mattering (and that finding vulnerabilities is the best way to learn), I'm not sure that answers the question. How should one go from not knowing anything about security to the point where they can do audits to be able to find vulnerabilities
What I want to add though is that while I agree that experience is more important that certification, certification is not unimportant. It's a quick proof that I know more than the high school hobbyist programmer from India who's charging $30 for a full project.
966
http://www.zend.com/services/certification/ is a good one.
Before you take that exam you might want to have a look at:
152
Writing secure code spans more than just PHP: good code, proper code is language agnostic. While there are nuances in each language, there are a base set of principals to learn that are transferable no matter what you write in. It's best to learn those core values and then learn about the specifics of the language. Basic knowledge of cryptography, good database design, proper memory management, and operating system principals will give you more insight to security than just being certified in PHP security.
When it comes right down to the point, writing secure code should be a part of any programmer's skill set.
21
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
