Friday, June 26. 2009
DPC 2009 Day 0 - Stefan Esser's Security Crash Course
From the list of tutorials on Day One of DPC 2009, I chose to sit in on Stefan Esser's Security Crash Course with the idea that it would be a good opportunity for a review. When he displayed one of his introductory slides about the topics he would be covering, there seemed to be no surprises: input filtering, XSS, CSRF, SQL injection, session management and PHP code inclusion and evaluation -- it was a fairly expected list of all those things in an application that can threaten at one time or another to come back and bite a developer on the back-end (or front-end too for that matter). Even though some of the topics on the list already suggested to me certain known risky situations and how to defuse them, it didn't matter. I was here, after all, for a review, a reality-check, hoping that certain topics such as PHP code inclusion and evaluation would be made even clearer.
It worked like a charm, although, not immediately, not necessarily in that room on that day.
Posted by Cal Smith in planetphp at 13:52
Defined tags for this entry: conference, dpc, dpc09, dutch php conference, security, stefan esser, tutorial
Friday, April 18. 2008
Book review: Understanding Enterprise SOA
Last week I read a book covering SOA (Service Oriented Architecture). I thought I'd share some thoughts with you. "Understanding Enterprise SOA" (Manning Publications) is written by Eric Pulier and Hugh Taylor. The target audience for this book is managers and technical architects.
Working with web services, SOAP and mashups with Google Maps or Flickr, I was anxious to learn more about the architectural part of setting up an SOA in applications. Using web services is one thing, but designing them in an application environment (which usually contains more than one service component) is another. Maybe because of my technical background I was hoping to get some more insight into how you design SOA applications from a functional analyst and technical architect point of view, but as it turns out, the book is more useful for managers than for technical guys.
