php meetup

Static Code Analysis for PHP and the Zend Framework Circa 2009

PHP Security with Yasca and ZF

February 24th, 2009

Thanks to Hallmark Holiday Valentines Day, February is all about love. First up, we all love good solid code. So we're pleased to have Michael Scovetta talk on Yasca and static source code analysis. Next, PHP developers love their frameworks and this month NYPHP is pleased to have expert and ZCE Alan Seiden talk tech about peace, love, and the Zend Framework.

Yasca - An Open Framework for Automated Source Code Analysis
Over the past few years, commercial static analysis tools have matured considerably, now generally providing high-quality results along with features that large enterprises require. On the open-source front, tools including PMD and FindBugs offer good results against Java and C/C++ code, but few other high-quality tools exist. Yasca was created to aggregate the results of other open-source tools and to provide a framework for quickly adding new patterns to scan. It focuses issues related to security, performance, and bad practices within C/C++, Java, PHP, HTML/CSS, JavaScript, COBOL, and other languages.

Michael Scovetta recently joined CA as a Principal IT Security Engineer, prior to which he worked for Cigital as a senior consultant and UBS Financial Services as an Information Security Analyst. He has various roles at these organizations including that of a developer, architect, security evangelist, penetration tester, security architect. Michael holds a CISSP certification, a M.Eng. in Computer Science from Cornell University and a B.S. in Computer Science and Mathematics from Hofstra University. His personal site is http://www.scovettalabs.com and he is on LinkedIn.

Zend Framework Circa 2009
The Zend Framework is known for its flexibility, corporate-friendly licensing, and compatibility with diverse platforms and database systems.

This technical presentation by Alan Seiden, a Zend Certified Engineer for Zend Framework, offers guidance for prospective and current users. Developers planning a project will discover what ZF can offer. More experienced users will learn about ZF's recent time saving enhancements.

A leader in developing PHP-based web applications on IBM i (System i, i5, iSeries, AS/400), Alan has written many articles on the subject. He served as a consultant for the IBM manual Zend Core for i5/OS. He is senior developer and technical lead at Strategic Business Systems in northern New Jersey. Alan's blog.