Email the Author

You can use this page to email Chris Cornutt about Securing Legacy Applications.

Please include an email address so the author can respond to your query

This message will be sent to Chris Cornutt

This site is protected by reCAPTCHA and the Google  Privacy Policy and  Terms of Service apply.

About the Book

There's two words that are a sure way to send chills down a developer's spine: "legacy application". We've all dealt with legacy applications in one shape or form and some are even stuck with them as a full time job. While the code quality of legacy applications is always up for debate, the focus of this book is on taming the security in these apps.

Chances are that legacy PHP application you're working with wasn't written with security in mind. It might be a mish-mash of PHP files all included in a tangled web or it could be that it's just using an ancient version of a framework that hasn't seen an update in years. Regardless of the situation, I'll be guiding you through steps you can follow and topics to consider to help protect your application.

The book covers topics like:

  • Determining risk
  • Evaluating and updating access controls
  • Effective input validation and output escaping
  • Introducing new controls
  • Templating for security
  • Keeping security simple

While the illustrations will be predominantly in PHP, the theories behind each point will be shared first, making them applicable to any language. Securing legacy applications doesn't have to be as hard as you might think. 


About the Author

Chris Cornutt’s avatar Chris Cornutt

@enygma

Chris has been involved in the PHP community for over a decade. His contributions include curating the PHP news site PHPDeveloper.org, writing articles for his PHP-focused security site Websec.io and speaking at web technology conferences all around the world. He's also written for several major PHP publications and is a co-organizer for both the Dallas PHP user group and the Lone Star PHP Conference. He currently works as an application security developer for Pardot, a division of Salesforce.

You can find him online at http://blog.phpdeveloper.org

Logo white 96 67 2x

Publish Early, Publish Often

  • Path
  • There are many paths, but the one you're on right now on Leanpub is:
  • Securinglegacyapps › Email Author › New
    • READERS
    • Newsletters
    • Weekly Sale
    • Monthly Sale
    • Store
    • Home
    • Redeem a Token
    • Search
    • Support
    • Leanpub FAQ
    • Leanpub Author FAQ
    • Search our Help Center
    • How to Contact Us
    • FRONTMATTER PODCAST
    • Featured Episode
    • Episode List
    • MEMBERSHIPS
    • Reader Memberships
    • Department Reader Memberships
    • Author Memberships
    • Your Membership
    • COMPANY
    • About
    • About Leanpub
    • Blog
    • Contact
    • Press
    • Essays
    • AI Services
    • Imagine a world...
    • Manifesto
    • More
    • Partner Program
    • Causes
    • Accessibility
    • AUTHORS
    • Write and Publish on Leanpub
    • Create a Book
    • Create a Bundle
    • Create a Course
    • Create a Track
    • Testimonials
    • Why Leanpub
    • Services
    • TranslateAI
    • TranslateWord
    • TranslateEPUB
    • PublishWord
    • Publish on Amazon
    • CourseAI
    • GlobalAuthor
    • Marketing Packages
    • IndexAI
    • Author Newsletter
    • The Leanpub Author Update
    • Author Support
    • Author Help Center
    • Leanpub Authors Forum
    • The Leanpub Manual
    • Supported Languages
    • The LFM Manual
    • Markua Manual
    • API Docs
    • Organizations
    • Learn More
    • Sign Up
    • LEGAL
    • Terms of Service
    • Copyright Policy
    • Privacy Policy
    • Refund Policy

*   *   *

Leanpub is copyright © 2010-2025 Ruboss Technology Corp.
All rights reserved.

This site is protected by reCAPTCHA
and the Google  Privacy Policy and  Terms of Service apply.

Leanpub requires cookies in order to provide you the best experience. Dismiss