The OWASP Top Ten is required reading for anyone in software development, regardless of whether or not your role focuses on security. It’s a useful guide to get you started thinking from a strong security mindset. Be careful, however, to avoid thinking the list is exhaustive or provides comprehensive security for your application or system.

Home security systems are an early warning to potential theft or abuse of our personal property. They’re useful because they alert us (and the police) to a problem before the theft happens. Logging and monitoring of our applications and digital systems can similarly help protect our customers and their data. By leveraging an automated intrusion […]

January is a month all about setting resolutions for the new year. A new diet. A new budget. A new FOSS contribution goal. In 2019, let’s intentionally focus on keeping our projects safe and taking a strong stance on security.

The more things change, the more they remain the same. We’re taking a 30th Anniversary Tour of the Morris Worm. We’ll find that the same attacks and defenses remain in use today. It behooves us all, as modern software developers, to understand our history.

In this issue: Generics in PHP, Maintainable Laravel, Starting with PHP, Project Success, security code reviews, and more

In this issue: Xdebug, Freelancing, Parsing text, MySQL Generated Columns, Gitflow, PhpStorm, and more.

In this issue: Xdebug, Freelancing, Parsing text, MySQL Generated Columns, Gitflow, PhpStorm, and more.

In this issue: State machines, workflows, parsing text, MySQL without SQL, Continuous Integration, self-hosted git, CakePHP, Password Authentication, Issue Tracking, Algorithms, and more.

Using events and command buses, self-hosted git, design workflows, parsing text, a look at CakePHP, Composer security, and more

Package managers like Composer make it quick and easy to add third-party libraries to an application. Unfortunately, they can also make it easy to import code that’s not meant to run in production—and might intentionally expose certain vulnerabilities—if your development team isn’t careful.