Finding security vulnerabilities with static analysis

Writing secure code is important to prevent your users' data from being stolen. But vulnerabilities in your code can be difficult to spot and will not always be picked up during manual code reviews. In this talk, we'll look at how various static analysis tools (some of which you might already be using) can be used to detect common security vulnerabilities in your PHP applications in an automated way.

Target audience

This talk is aimed at PHP and DevOps engineers who want to learn how to use static analysis tools to find security vulnerabilities in their PHP code.

  • Language: English
  • Duration: 30-40 minutes
  • Level: intermediate

Nic Wortel

About the speaker

Nic Wortel is an independent software consultant and trainer. After working as a software engineer for over 10 years, he started to offer consulting and training services to help other teams improve their software development processes. From time to time he speaks at meetups and conferences about software development, PHP, DevOps, security, and related topics.