
PHP Security, Redefined

Chris Cornutt at AppSec USA 2015

Let’s be honest, PHP has had a rocky history with security. Over the years the language has been highly criticized for it’s lack of a focus on security and secure development practices. In more recent years, however, a resurgence has happened in the language and community, bringing secure development back into focus. With PHP 7 on the horizon, the language is making even more strides to improve some of its wayward ways of the past and reinvent itself. I’ll share practical code examples, tools, libraries and best practices that are making it easier than ever to keep PHP applications safe.

Come along with me as I guide you through both the language improvements and community encouragement making PHP a more secure place.

Chris Cornutt
Application Security Engineer, Pardot
For the last 10+ years, Chris has been involved in the PHP community in one way or another. These days he's the Senior Editor of, lead author for, a site dedicated to teaching developers about security and the Securing PHP ebook series. He's also written for several PHP publications and has spoken at conferences in both the U.S. and Europe on security-related topics.