Posts by author: Dr. Johannes Dahse

PHP Security Advent Calendar 2018

1 min read 27 Nov 2018 by Johannes Dahse
The holiday season is coming up again and it’s time for some security fun. For the third time in a row, we are proud to announce our PHP security advent calendar. This year, we will analyze 24 exciting security bugs that we detected in the most widespread WordPress plugins.

What is Phar Deserialization

5 min read 14 Aug 2018 by Johannes Dahse
Last week a new exploitation technique for PHP applications was announced at the BlackHat USA conference. Find out everything you need to know in this blog post.

Comparison of Application Security Testing Approaches

11 min read 31 Jul 2018 by Johannes Dahse
Web applications can be tested manually or automatically, as a black box or a white box, with static or dynamic analysis. In this post we compare the advantages and disadvantages of a variety of approaches and solutions. Review our table with Static / Dynamic / Interactive Application Security Testing features.

Ensure Application Security with Zend Server and RIPS

4 min read 27 Mar 2018 by Johannes Dahse
Together with RIPS Technologies, Rogue Wave Software developed a new Zend Server plugin that helps to counter attacks before they can succeed. With the RIPS Code Analysis plugin, Zend Server users can now scan the source code of deployed PHP applications for security problems using RIPS' leading security analysis solution.

PHP Security Advent Calendar 2017

1 min read 30 Nov 2017 by Johannes Dahse
We are happy to announce this year’s PHP security advent calendar where we will release a new calendar gift from December 1st to 24th. This year, we will focus on nifty PHP pitfalls and release a daily code challenge for you to solve. Can you spot the daily security bug?