The OWASP Top 10 security risks for PHP applications

Writing secure software is hard. Even if our employers or managers ignore the risks, we as software engineers have an ethical obligation to deliver secure software. But with thousands of potential weaknesses, where do we start?

The OWASP Top 10 is a list of the ten most critical security risks to web applications based on data and broad consensus. While the Top 10 is far from an exhaustive list, it is a great first step to increase security awareness. In this talk we will look at the latest version of the Top 10 in the context of PHP, and look at how we can mitigate those risks in our applications.