april edition of the phpsec newsletter

Top Page
Author: Andre John Cruz
Date:  
To: phpug-ph, phphilippines, PHP Web Development
Subject: april edition of the phpsec newsletter
hi everyone,

i just posted the contents here. i'm sure some of you will find some of the
articles/news here of good use when it comes to PHP security:

==================================================================

>>From chris at phpsec.org <http://phpsec.org> Mon Apr 4 19:02:00 2005

From: chris at phpsec.org <http://phpsec.org> (Chris Shiflett)
Date: Mon Apr 4 19:01:54 2005
Subject: [phpsec-news] PHP Security Consortium Newsletter - Apr 2005
Message-ID: <4251F198.7000202@???>

=============================================
PHP Security Consortium Newsletter - Apr 2005
=============================================

Welcome to the PHP Security Consortium's first newsletter. We are
still in infancy as an organization, but I've been very encouraged by
the attention that we have received as well as the heightened
interest in security within the PHP community.

The newsletters will be issued around the first of each month, and
they will deliver a brief update about the state of the PHP Security
Consortium, including recent updates to the site and other news
pertinent to security-conscious PHP developers.

Thanks for your interest in PHP security.

Chris Shiflett
PHP Security Consortium
http://phpsec.org/

=================
Article Additions
=================

Password Hashing, by James McGlinn
     http://phpsec.org/articles/2005/password-hashing.html


=================
Library Additions
=================

Sun, 20 Mar 2005

     ModSecurity: Open Source Web Application Firewall
     http://www.modsecurity.org/


Sat, 12 Mar 2005

     Web App Security Testing with a Custom Proxy Server
     http://www.onlamp.com/lpt/a/4510


     php|architect's PHP Security Mailing List
     http://phparch.com/phpsec/


Wed, 23 Feb 2005

     PHP Cryptography: An Introduction Using Mcrypt
     http://phpmag.net/itr/online_artikel/psecom,id,667,nodeid,114.html


Mon, 21 Feb 2005

     PHP and the OWASP Top Ten
     http://www.sklar.com/page/article/owasp-top-ten


     Authentication and Session Management on the Web
     http://www.westpoint.ltd.uk/advisories/Paul_Johnston_GSEC.pdf


     Open Web Application Security Project
     http://www.owasp.org/


     Web Application Security Consortium
     http://www.webappsec.org/


     ModSecurity Resource Library
     http://www.modsecurity.org/db/resources/


===========
Latest News
===========

PHP West: Security Conference Call for Speakers
http://phpsec.org/about/news/17mar2005.html

     PHP West, a division of Open Source Events, is holding their
     second conference in Vancouver, British Columbia, on PHP and open
     source security. The conference will be held on June 11, 2005,
     and will be a one day, single track event. Open Source Events has
     published a call for speakers on their web site for anyone
     interested in submitting a talk.


     Open Source Events's last conference was focused on PHP web
     services, hosted more than 160 attendees in the Vancouver
     Planetarium, and had the pleasure of welcoming Rasmus Lerdorf and
     many other industry experts.


     Visit phpwest.com <http://phpwest.com> for more information.


===========
New Members
===========

Daniel Convissor
Derick Rethans
James Plush
Zeev Suraski

=================================
About the PHP Security Consortium
=================================

Founded in January 2005, the PHP Security Consortium (PHPSC) is an
international group of PHP experts dedicated to promoting secure
programming practices within the PHP community. Members of the PHPSC
seek to educate PHP developers about security through a variety of
resources, including documentation, tools, and standards.

In addition to their educational efforts, the PHPSC engages in
exploratory and experimental research in order to develop and promote
standards of best practice for PHP application development.
______________________________________________
PHP Web Development Mailing List
php@??? (#PHP @ irc.free.net.ph)
http://lists.free.net.ph/mailman/listinfo/php
Searchable Archives: http://marc.free.net.ph