Zend Black Friday: Share the joy of learning how to build a more secure web!

***Purchase a Building Security into your PHP Applications class now and get a second spot for free! During this Black Friday weekend (November 25-30, 2015), all registrants are entitled to a Buy One Get One Free promotion. Use the discount code BOGO during checkout to get the Buy One Get One offer. Simply forward your completed purchase confirmation email to itraining@zend.com to receive instructions on how to get the second class free for your friend.***

Security is paramount when developing applications for the web. Every year we hear about high profile companies losing sensitive data to intruders, and mainly compromises originate from their web presence. The best way to achieve a truly secure web application is to build that application with security in mind from the start. Join us as we investigate common mistakes and failing in web security, and teach you how to build truly secure web applications from the ground up.

What will I learn?

After completing this course, you will be prepared to incorporate standard, best practice security measures into your PHP applications. You will be able to identify the most common types of vector attacks and industry experienced vulnerabilities allowing you to monitor and fortify your application code against them.

What will I be able to achieve?

-Building truly secure web applications with confidence and aptitude.
-Ensure that your application and company avoid an embarrassing hack or data breach.
-Be sure that you understand and can mitigate the most common web security failings, and understand why “Security First” is the best possible way to code.


This course is designed for intermediate to experienced PHP application developers who are looking to enhance their skills and be able to learn or implement security best practices. It is also appropriate for intermediate PHP and professional developers who are interested in studying early on how to build security into the applications as part of their learning process.


Basic to advanced knowledge of PHP 5 is recommended including experience developing PHP 5 applications. 

Class Format

This online class provides instructor-led 2 hour long lectures coupled with practical examples and student exercises. You will be given a participant course guide, to help you follow along with the lectures and exercises, as well as the solution code to the security practice application. You will also be granted access to the recorded sessions for thirty days after your class ends, so that you have time to review the materials at your own pace. This class can be also delivered by an instructor on site.


Class outline




  1. What is Security
  2. Defense in Depth
  3. Basic Security Rules
  4. Building Secure Web Applications Guidelines
  5. Open Web Application Security Project (OWASP)
  6. Web Application Exploits
  7. Risk Management
  8. Injection


  1. SQL Injection
  2. XSS Injection
  3. Cross-site forgeries (CSRF)
  4. Brute Force
  5. Broken Authentication and Session Management
  6. Insecure Direct Object References
  7. Security Misconfiguration
  8. Insufficient Cryptographic Storage
  9. Missing Function-Level Access Control
  10. Using Components with Known Vulnerabilities
  11. Invalidated Redirects and Forwards


  1. Secure Configuration
  2. Authentication Techniques
  3. Password Cryptography 
  4. Hermetic Filtering/Validation/Escaping Techniques
  5. Handling Asynchronous Web Calls (AJAX)
  6. Lock down Database Security
  7. Employing Access Controls and Handling Account Lockouts (ACL)
  8. White Listing Techniques
  9. Using an API Framework (Apigility)
  10. Creating a Standard Review Process
  11. Captchas, Tokens and Session Managment
  12. Cryptographic Storage Techniques
  13. Extension Evaluation
  14. Securing File Uploads
  15. Logging
  16. Web Server Security


  1. Additional Learning Resources
  2. Security Standards
  3. Penetration Testing
  4. Performance Tools

Do you have more questions? Please email itraining@zend.com
Reserve your spot for this class, buy the course today!

Buy Now

Class Schedule


Class Schedule

Hours per Session


Dec 14, 15, 16, 17 & 18

9:30-11:30am PST

18h30-20h30 CET (Paris)

17:30-19:30  GMT


Jan 18, 19, 20, 21 & 22

5-7am PST

14-16h00 CET (Paris)

13-15:00 GMT


Feb 22, 23, 24, 25 & 26

9:30-11:30am PST

18h30-20h30 CET (Paris)

17:30-19:30  GMT


Mar 28, 29, 30, 31 & April 1

7-9am PDT

16-18h00 CET (Paris)

15-17:00 GMT


Interested in taking additional classes and achieving certification? Check out our bundle discount and save more! We recommend:

A-Zend for Experienced PHP Programmers Online Training Course - Money Saving Bundle! 

Note: After you have purchased your Zend online training course, you will receive an email detailing the registration process.
If you have any questions please contact us at itraining@zend.com