Survive The Deep End: PHP Security

Survive The Deep End: PHP Security
Другая компьютерная литература, Программы
Год: 2017
Добавил: Admin 31 Июл 20
Проверил: Admin 31 Июл 20
Формат:  PDF (297 Kb)
  • Currently 0/5

Рейтинг: 0/5 (Всего голосов: 0)


There are many ways to start a guide or book on PHP Security. Unfortunately, I haven’t read anyof them, so I have to make this up as I go along. So let’s start at the beginning and hopefully it willmake sense.If you consider a web application that has been pushed online by Company X, you can assume thatthere are many components under the boot that, if hacked, could cause significant damage. Thatdamage may include:1. Damage to users - which can include the exposure of emails, passwords, personal identitydata, credit card details, business secrets, family and friend contacts, transaction history, andthe revelation that someone called their dog Sparkles. Such information damages the user(person or business). Damage can also arise from the web application misusing such data orby playing host to anything that takes advantage of user trust in the application.2. Damage to Company X - due to user damage, loss of good reputation, the need to compensatevictims and partners, the cost of any business data loss, infrastructure and other costs toimprove security and cleanup the aftermath, travel costs for when employees end up in frontof regulators, golden handshakes to the departing CIO, and so on.I’ll stick with those two because they capture a lot of what web application security should prevent.As every target of a serious security breach will quickly note in their press releases and websites:Security is very important to them and take it very seriously. Taking this sentiment to heart beforeyou learn it the hard way is recommended.Despite this, security is also very much an afterthought. Concerns such as having a working appli-cation which meets the needs of users within an acceptable budget and timeframe take precedence.It’s an understandable set of priorities, however we can’t ignore security forever and it’s often farbetter to keep it upfront in your mind when building applications so that we can include securitydefenses during development while change is cheap.

Похожие книги

Комментарии к книге "Survive The Deep End: PHP Security"

Комментарий не найдено. Будьте первыми!
Чтобы оставить комментарий или поставить оценку книге Вам нужно зайти на сайт или зарегистрироваться