SektionEins

Tools

            

Areas

Navigation

Spotlight

PHP Security Poster

The PHP Security Poster which contains the most important aspects of configuring PHP securely and writing secure PHP code is now available in english for free.

Advisories

Secure your web applications!

Secure? Contact us!

Internet-based business-critical applications are constantly on the rise. The goal for every company is to ensure both user-friendliness and security from outsiders’ attacks. But still, as independent studies show, more than 50% of all current security problems can be found in web applications.

Based in Cologne, Germany, SektionEins operates internationally as a security consultant company. We offer full service in the area of web-based application security. This includes vendor-independent consulting, training, and in particular web application audits conducted in close collaboration with our clients.

Our business activities include of a wide range of server-side programming languages (Java, PHP, Ruby, Perl) as well as client-side technologies (JavaScript, AJAX, Flash, AIR, …). We posses specialized know how in the area of PHP.

We actively support the Open Source community with help in securing their projects.

Suhosin, our open source and free PHP hardening patch, offers various options to secure PHP-based applications, their PHP core, and its users against several known and unknown security problems within the application itself and its PHP core.

Furthermore, SektionEins is conducting bleeding edge security research.

News

16.02.11
SektionEins is searching for a new web application security consultant to join our team. See more information here.

Agenda

26.01.11
Session “Sicherheitsprobleme in Webapplikation fernab der üblichen Injektionsverwundbarkeiten” Ruhr-Universität Bochum, Bochum (Germany)
15.12.10
Session “Adding ASLR to jailbroken iPhones” POC2010, Seoul (Korea)
13.10.10
Session “HTML5 Security” as well as “Lesser known Security Problems in PHP Applications (2010 Edition)” International PHP Conference, Karlsruhe (Germany)
20.08.10
Session “Utilizing Code Reuse/Return Oriented Programming in PHP Web Application Exploits” SyScan Taipei 2010, Taipei (Taiwan)
29.07.10
Session “Utilizing Code Reuse/Return Oriented Programming in PHP Web Application Exploits” BlackHat USA 2010, Las Vegas (USA)
09.07.10
Session “Returning into the PHP interpreter – remote exploitation of Memory Corruptions in PHP is not over, yet” SyScan HangZhou 2010, HangZhou (China)
18.06.10
Session “Returning into the PHP Interpreter – Remote Exploitation of Memory Corruptions in PHP is not over, yet.” SyScan Singapore 2010, Singapore
01.05.10
SektionEins organizes the Month of PHP Security (MOPS)
17.11.09
Session “Web 2.0 Security Revisited” as well as “Sichere Programmierung mit dem Zend Framework (Updated)” International PHP Conference, Karlsruhe (Germany)
05.11.09
Session “Shocking News in PHP Exploitation” POC 2009, Seoul

Contact us

SektionEins GmbH
Breite Str. 159
50667 Köln
Germany
Phone: +49.221.29282933
Fax: +49.221.29282935
Contact form