It’s common to hear people preach “plan in security from the start” and in an ideal world you can. Here in the real world, though, we have legacy code that’s gathered over time and comes with a host of problems - (in)security included. What do you do when you’ve been commissioned with securing an application that’s showing its age? Follow along with me as a I step you through a list of tips and tricks you can use to discover security issues in your application and effectively fix them and secure your application.
Topics will include some of the most common vulnerability types, key places to look for potential issues and arm you with the tools and knowledge you’ll need to refactor that legacy application into something secure.
Presented at Sunshine PHP 2017