Inspekt is a PHP library that makes it easier to write secure web applications, released under the New BSD License. Inspekt acts as a sort of 'firewall' API between user input and the rest of the application. It takes PHP...
June 25, 2009
June 20, 2008
HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are...
May 31, 2008
To keep your database safe from SQL injection attacks, you might give GreenSQL a try: it is a new open source database firewall. GreenSQL works as a reverse proxy and has built-in support for MySQL. The logic is based...
June 20, 2007
PHPIDS is a PHP security project which aims to provide a security application layer to protect any PHP web application. Using PHPIDS you will be able to see who is attacking your site and how, while keeping your project safe....
April 8, 2007
The PHP Security Consortium released PhpSecInfo 0.2.1, an equivalent to the phpinfo() function that reports security information about the PHP environment and offers suggestions for improvement. The new release fixed some significant bugs, from the changelog: uid and gid tests...
April 3, 2007
Armorize Technologies has an interesting on-demand PHP source code analysis service, CodeSecure. The product, developed specifically for PHP, represents a powerful tool for identifying and fixing vulnerabilities in custom developed PHP applications. CodeSecure utilizes the latest verification technology to analyze...
November 12, 2006
Security Management and Risk Tracking (SMART) is a Web-based application to manage an information security program. This is a comprehensive solution that enables a corporation to manage an information security policy, security policy exception handling, security certification and accreditation, third...

