News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Pádraic Brady:
PHP Security, Authorative Knowledge and Combining Forces
September 04, 2012 @ 14:55:38

In this new post to his blog Pádraic Brady has proposed a "combining of forces" in the PHP community centered around promoting best practices in the security of PHP applications.

Once you start to dig around PHP Security in earnest, you begin to notice trends and patterns in how programmers behave and accumulate knowledge. The most obvious feature of PHP culture is that we do not have an active "leadership" in security. There is no appeal to authority in PHP security debates, only personal opinions informed by a nebulous entity called "They". There are individuals that I have learned to trust and that's about as far as we can go. [...] In the PHP community, the Authorative Knowedge for PHP Security is derived from a concensus. A concensus based on published articles, the practices of libraries and frameworks, printed books, and the vague meandering thoughts of whoever you follow on Twitter. In other words, our current Authorative Knowledge is you.

He notes that this "everyman security expert" hasn't proven to be the best method for increasing the overall security awareness of PHP developers, so he's proposing something different: the "PHP Security Technical Group (SECTG)".

It's a group of members who share a common interest in sharing information, performing research, publishing articles/newsletters, and generally taking advantage of resource pooling without giving up their individual interests - all towards accomplishing some common goal, i.e. creating or emphasising new Authorative Knowledge. The phrase "Unofficial" is implicit in the group name - this is not an official PHP entity.

If you're interesting in joining in on the cause, you can sign up for the mailing list and get more information as it comes.

0 comments voice your opinion now!
security knowledge leadership technical group sectg mailinglist


blog comments powered by Disqus

Similar Posts

Atlanta PHP Users Group: May Meeting Location Update

Dave Marshall's Blog: Landing a PHP job Part 1: Technical Knowledge and Skills

Dave Marshall's Blog: Landing a PHP job Part 1: Technical Knowledge and Skills

Zend: Zend Technologies and COMMON Create PHP Advisory Group

PlentyofCode.com: J2EE vs ASP.NET vs PHP


Community Events





Don't see your event here?
Let us know!


library framework tool package composer voicesoftheelephpant release language symfony introduction opinion security series interview version laravel mvc update community podcast

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework