Posts marked with “security”
Security Corner: Paying Off Technical Debt
Every successful development team has two things in common: they’ve shipped a product, and they accepted compromises to make that shipment possible. Every team and every project has technical debt. It comes with the territory when you start building software. Usually, the term “technical debt” is seen as a negative, but that’s not always true.
Testing in Practice – April 2018
PHPUnit, Mockery, Type Hints, Async PHP, building a REST API, training programs, PHP isolation and security, serverless computing, Laravel auth, and more.
Security Corner: PHP Isolation in Production
Developers the world over were in shock this past May as thousands of computers in the UK’s National Health System were rendered inoperable due to a malware attack. Thanks to a previously leaked vulnerability in Windows’ operating system, and the notoriously slow rate at which large enterprises apply system patches, hackers were able to infiltrate […]
Artisanal: Authentication with Laravel
Authentication is the foundation of your application’s security. Authentication separates guests from users and restricts functionality in your application to authenticated users. We can also take authentication a step further and completely offload the grunt work to some other service such as GitHub, Google, or any other third-party authentication service provider.
Security Corner: Application-level Data Security
Developers often conflate two different modes of data encryption when protecting the systems on which their applications run. One is encryption at rest. The other is application-level encryption. These approaches are similar, but they are not the same. It behooves the savvy developer to understand the difference.
Securing Your Site in Development and Beyond
Why wait until production deployment to identify security vulnerabilities? Using tools like Burp Suite, you can find security vulnerabilities before they’re on the web. In this article, you will see examples of vulnerabilities which were detected early, and how to integrate these practices into your daily workflow.
Security Corner: Updates to the OWASP Top Ten—Logging
Last November, the Open Web Application Security Project (OWASP) published a new list of their “top ten” application security risks (ASRs). These are the most commonly encountered coding and security issues on the web according to an industry survey and the opinion of leading developers in the field. One of the newer ASRs to make […]
Security Corner: PHP, meet Libsodium
By the time you read this, the PHP community should have introduced the world to the newest version of our favorite language. This latest version adds better support for type annotations, allows trailing commas in lists (just like JavaScript and other dynamic languages) and introduces several security improvements. The most notable security addition, however, is […]
Single Sign On—You’re Probably Doing It Wrong
By Arne Blankerts. This article was published in the August 2017 issue of php[architect] magazine. Requiring users to log […]
Cybersecurity State of the Union
By Mark Niebergall. The cybersecurity landscape is continuously changing as new threats appear and attackers adapt. Data breaches, cyber attacks, identity theft, and scams show up regularly in the news and can have a significant negative impact on those affected by them. Keeping up with the latest cybersecurity trends, understanding the threats, and keeping […]