Articles I've written

Check vulnerable packages with composer audit
January 25, 2023

When a security vulnerability is discovered in one of the PHP libraries you use, there are several ways to learn about the bug before it's too late. In one of my previous posts, I've written about the PHP Security Advisories Database and how you can use it with Roave Security Advisories and in a few other ways. However, all of them require an extra package or a tool.

(read more…)

Don't let security bugs catch you off guard
November 9, 2020

At the end of August, a critical security bug was discovered and immediately fixed in one of the popular PHP frameworks, Nette. Although the author of the framework, David Grudl, did everything possible, some did not learn about the bug in time and did not update their sites and web apps. Let me give you a few tips, not only for PHP, that will help you learn about similar problems as soon as possible.

(read more…)

My web security training, now available remotely
June 9, 2020

I'm organizing another round of my training, this time remotely. Afternoons, for half of the regular price.

(read more…)

Last dates for Intro to PHP, Classes & objects in PHP training
October 10, 2017

The time has come: after 6 years, I'm closing my public training Introduction to PHP and Classes and objects in PHP, with the last round this December. I'm also writing some new courses.

(read more…)

All articles