Friday, February 19, 2010

Month of PHP Security 2010

The Month of PHP Security will take place in May 2010 and will be very different from all the previews “Month of Bugs” or “Week of Bugs” events. You can think of the Month of PHP Security as a conference without a conference. This means around the 1st of March we will send out a call for papers in order to collect the best advisories, the best research and the best articles about PHP security. We invite everyone from the PHP and from the security community to take part in this event.

The accepted topics will be:

Advisory/Article about new vulnerability in PHP (with or without exploits) (no simple safe_mode, open_basedir bypass vulnerabilities)
Advisory/Article about vulnerability in PHP related software (popular 3rd party PHP extensions/patches, like Suhosin or Zend tools)
Detailed article about a single topic of PHP application security
Article about a complicated vulnerability in/attack against a widespread PHP application
Article about a complicated topic of attacking PHP (e.g. explain how to exploit heap overflows in PHP’s heap implementation)
Article about how to attack encrypted PHP applications
Release of a new PHP security tools
Other topics related to PHP (application) security

For more info check: http://www.suspekt.org

No comments: