Termine

To ensure the high quality of your source code, you of course write (unit) tests and do regular code reviews. Judging the state of security though may seem a lot harder than it is – if you don't know what to look for and where to get started. This talk will introduce you to security audits, why and how tools can assist a manual review and why a mere scanner based approach doesn't work.

Somehow you met the impossible deadline, your project is online and you now deserve some time to relax. Other than you and me though, the internet does not sleep and your application is under constant risk of attack. Even without having access to the source code, attackers have their ways to break into applications and steal or modify private information. Switch sides for a day and attack the demo blackbox application! Learn how attackers gather information, exploit vulnerabilities and hijack servers – and what to do to stop them.

No matter if your server runs RedHat Enterprise Linux, CentOS, Debian/Ubuntu or Suse Linux – every linux distribution comes with a package management system (PMS) to automate the process of installing, upgrading, configuring, and removing software packages in a consistent manner ... Yet when deploying PHP based applications many developers fall back to SCP, or even worse FTP. This session will show you how easy it is to create custom packages and make use of the power provided by your PMS to automate deployment.

Where did Bob live two years ago? And what was his last e-mail address again? If your application needs to keep track of things that change over time, you must take a step beyond normal object relations or foreign keys in a database. This presentation introduces temporal patterns to solve these kinds of problems and shows how to effectively implement them in PHP using the date extension.

Many decisions are required when developing software. If we are not sure which path to choose (which is often), we just guess. How about running an A/B test instead, so we can base our decision on empirical data? Why not continuously run A/B tests to increase conversion rates or sales? This presentation introduces how to properly do experiment-driven development in PHP.

Today’s web applications require frequent updates, not just by adding or upgrading features, but by maintaining and improving the software’s existing code base as well. This tutorial teaches PHP developers how to use Jenkins, the popular continuous integration server, to monitor various aspects of software quality throughout a project’s lifecycle.

Attendees of this tutorial will learn how to implement continuous integration to automate processes for building and deploying regular software releases. They will also learn how to use Jenkins to monitor and improve their applications through continuous inspection and static code analysis.