New Zend Podcast: PHP Abstract

Zend has a new PHP Developer Podcast called PHP Abstract:

PHP Abstract LogoEach episode features a different special guest bringing you their expertise, compressed into a five to seven minute package.

We will be covering a broad range of topics. From security to project planning and hiring good developers and much more.

Their first podcast, PHP Abstract Episode 1 - PHP Security Tips, featured Eli White. What a relief to have someone skip over the same rehashed security material into things less commonly talk about.

Off to a good start in my books. At under 10 minutes a shot I'll be subscribing to check them out. (And have already suggested Dries as a great guest choice! ;)

March 2007 to be the Month of PHP Bugs


I first saw this at the SecuriTeam Blog. I suspect it will be all over the place very soon.

Stefan Esser, a name in the PHP security space, announced he's doing a "Month of PHP Bugs" in March 2007. He discusses (announces?) it in this interview with Security Focus.

It could be busy month for the folks maintaining web infrastructure, if not from applying fixes then answering questions from the concerned.

.htaccess Rule for Limiting File Access by IP

Bèr Kessels gives an example of using a .htaccess to limit file access to update.php:

Disallow anyone but you, to reach the update files

Always nice having an explicit example handy, so I've added it to the Drupal Compendium.

Patch Management

At the September CIPS Security Special Interest Group meeting Robert Hawk spoke on patch management. A lot of what Robert had to say was pure project management and governance principals applied to the security domain. The value of Robert

ISO Security User Group Starting Up

Among the many ISO standards there's a set focused on security and governance, with ISO17799 being the big one. Wikipedia's article is here: ISO/IEC 17799. Just received notice that a local security user group is being formed for security knowledge sharing of the ISO kind.

Full announcement follows.

Westcoast Security Forum 2006

The organizing committee for the Westcoast Security Forum have finalized date and location:

When: November 27 - 28th, 2006
Where: Westin Bayshore Resort, Vancouver British Columbia, Canada

Call for papers is still open.

Full information at

Subscribe to RSS - Security