For those of you attending OSCON in a couple of weeks, you might be interested in the PHP Security Hoedown BOF being hosted Wednesday night by Ed Finkler of CERIAS:
An open discussion about the current state of PHP security. Are we making progress? What should our goals be, and how do we achieve those goals? Are we reaching the "average PHP user?"
I'm planning to be there, and hopefully we can all learn something and have a good time. I consulted the dictionary, and apparently an event must include square dancing to earn the right to be called a hoedown. :-)