Put Down the Superglobals! Secure PHP Development with Inspekt*
Inspekt is a filtering and validation library for PHP. With a focus on ease of use, Inspekt makes writing secure PHP applications faster and easier. This talk covers the Inspekt library and the "input cage" concept, best practices when utilizing the library, and how to integrate Inspekt with existing applications and popular frameworks.
Inspekt is a comprehensive input filtering and validation library for PHP. With a focus on simplicity, Inspekt makes writing secure web applications in PHP faster and easier.
Attendees of this talk will learn:
- The Inspekt approach to filtering and validating user input, including the “input cage” concept
- how to ensure secure code throughout the development process
- how to integrate Inspekt with existing applications
- how Inspekt integrates with popular frameworks like CodeIgniter
Initial development of Inspekt was funded by OWASP’s Spring of Code 2007.
More information: http://inspekt.org
With over 15 years of passionate web development experience and open source advocacy, Ed Finkler loves empowering people through technology. He’s excited about creating things and sharing them with the world.
He served as web lead and security researcher at The Center for Education and Research in Information Assurance and Security (CERIAS) at Purdue University for 9 years. More recently, he has been helping startup teams build exciting e-commerce, social sharing, and mapping systems. He’s a proud member of the Fictive Kin team, working on Done Not Done, Gimme Bar, and lots of other cool stuff.
Ed spends much of his free time creating and working on open source projects such as Spaz, a long-running, award-winning microblogging client. Ed also created PHP libraries like FUnit, Resty.php, PHPSecInfo, and Inspekt.
- Title: The Story of Spaz: How to Give Away Everything, Make No Money, and Still Win
- Track: Business
- Room: Steel
- Time: 4:45 – 5:30pm
What motivates us as developers? How do we define success? Throughout the development of Spaz, we’ve learned a lot about what works, what doesn’t, and what really matters. Come to hear the story, and participate in the discussion of how we define success in open source.
- Speakers: Edward Finkler