Dr. Johannes Dahse had been exploiting security vulnerabilities in PHP applications for 10 years. He finished his Ph.D. in IT security at the Ruhr-University Bochum, Germany, in 2016. Before that, he pioneered new static code analysis techniques in order to assist with his work as a security consultant. He is a co-founder of RIPS Technologies, a Bochum-based IT security company with a focus on code analysis solutions for web applications, and an active speaker at academic and industry conferences.
PHP is the most popular server-side language on the Web and the most favored language for Web attacks. A single security vulnerability in a widespread open-source PHP application can be used to compromise thousands of server installations. But how bad is the security state of open-source applications and plugins today? This talk covers common and […]