The OWASP Top 10 security risks for PHP applications

Writing secure software is hard. Even if our employers or managers ignore the risks, we as software engineers have an ethical obligation to deliver secure software. But with thousands of potential weaknesses, where do we start?

The OWASP Top 10 is a list of the ten most critical security risks to web applications based on data and broad consensus. While the Top 10 is far from an exhaustive list, it is a great first step to increase security awareness. In this talk we will look at the latest version of the Top 10 in the context of PHP, and look at how we can mitigate those risks in our applications.

Target audience

This talk is aimed at PHP developers who want to learn about the top 10 web application security risks and how to mitigate them.

  • Language: English
  • Duration: 30-40 minutes
  • Level: intermediate
Nic Wortel

About the speaker

Nic Wortel is an independent software consultant and trainer. After working as a software engineer for over 10 years, he started to offer consulting and training services to help other teams improve their software development processes. From time to time he speaks at meetups and conferences about software development, PHP, DevOps, security, and related topics.