PHP Security Consortium

Consortium News

• 7 Most Common PHP Vulnerabilities
• How to Run PHP Files
• PHP Security Consortium Launches New Project – PHPSecInfo
• Daniel Convissor Elected as Principal
• The [phpsec-news] Mailing List Launches

Promotional Links

Please support us by providing a link to the PHP Security Consortium on your web site. You can also use our promotional image:

Founded in January 2005, the PHP Security Consortium (PHPSC) is an international group of PHP experts dedicated to promoting secure programming practices within the PHP community. Members of the PHPSC seek to educate PHP developers about security through a variety of resources, including documentation, tools, and standards. [more…]

Projects

PHP Security Consortium work is organized into projects. These projects can consist of documentation, utilities, and any other resources that promote the Consortium’s mission.

Each month, we select a noteworthy project as our Project Spotlight. We also announce new projects and new releases of existing projects as they are completed.

Articles

In an effort to highlight sound security practices in PHP development, we publish articles that exhibit a high level of quality and accuracy. These articles can be written by members of the general PHP community but are subject to Consortium approval.

We also host a Library that contains links to approved external resources.

Project Spotlight: SecurityFocus Summaries

The SecurityFocus Summaries project, led by Daniel Convissor, is the first step in an effort to better inform the community about vulnerability discoveries in PHP and in applications that use PHP. The summaries are aggregated from the weekly SecurityFocus newsletters, and there is an XML Feed to which you can subscribe.

(Note: Other sources of information include php|architect’s PHP Security Mailing List and the Hardened-PHP Advisories.)