Defensive Coding Crash Course

Mark Niebergall (08.Feb.2018 at 13:00, 3 hr)
Workshop at SunshinePHP 2018 (English - US)

Rating: 4 of 5

Ensuring software reliability, resiliency, and recoverability is best achieved by practicing effective defensive coding. Take a crash course in defensive coding with PHP and learn about attack surfaces, input validation, canonicalization, secure type checking, external library vetting, cryptographic agility, exception management, code reviews, and unit and behavioral testing. Learn some helpful tips and tricks from experienced professionals within the PHP community as we review the latest blogs and discussions on best practices to defend your project.



Rating: 4 of 5

08.Feb.2018 at 15:42 by Alexandra Brown (12 comments) via Web2 LIVE

Good hands-on activities and super relevant for what I do with PHP. The break up of discussion followed by activities made the time manageable. A suggestion I would have for the first exercise would be to have the file and stubs for the getters set up so we can focus on the validation part. I think I wasted a lot of time just trying to get my file set up to read (I had to google methods to use) and then stubbing out methods.

Rating: 4 of 5

08.Feb.2018 at 15:57 by Ryan Ballard (10 comments) via Web2 LIVE

Good intro to defensive coding.

Rating: 4 of 5

10.Feb.2018 at 11:30 by Kenneth E. Marks (30 comments) via Web2 LIVE

Fantastic tutorial! I really liked the interaction and how you covered a lot of the low-hanging fruit of defensive coding. I also liked that you grouped us up in teams to work together. It was a great hands-on tutorial!

Rating: 4 of 5

11.Feb.2018 at 17:48 by Scott Hardie (17 comments) via Web2 LIVE

Really good tutorial! You covered a huge breadth of ideas efficiently and effectively, and I really liked the game of trying to decrypt those strings. In the first practice activity, if there was a way to get the CSV data into the getters class, I couldn't find it, and I wasted the first 15 minutes just writing my own, so some clarity on that point would have been appreciated. Thanks for the great tutorial!

Rating: 4 of 5

12.Feb.2018 at 13:40 by Tina Matter (1 comments) via Web2 LIVE

This was a great hands-on tutorial. Working with someone else during the activities really caused me to step outside of my comfort zone. It was a great experience for me. I wasn't able to participate in the Unit Testing activity because I had no idea how to start. So unless you've already had experience with Unit Testing, I don't think this activity was helpful. For me, I guess it would have been helpful to start with an example that everyone can follow along with.

Rating: 3 of 5

12.Feb.2018 at 14:08 by Jeremy Hennig (6 comments) via Web2 LIVE

It was a good introduction and I learnt a few good tips. I thought the exercises were unnecessary; the time would have been better spent looking at common errors in code or doing some code reviews.
