ZendCon Day Four

22 Oct 2005

The first annual ZendCon has now come and gone. Prior to the conference, I had my doubts about an open source conference with a big business twist, but Zend and KB Conferences pulled it off. For the first time, the average conference attendee could see how seriously big businesses (IBM, Yahoo, Oracle, eBay, Google, etc.) are taking PHP. The conference also seemed to generate a lot of buzz in the business community with a sense that PHP is a serious threat to Java's future in the web space.

The fourth and last day of the conference began very early for me, because I had the misfortune of speaking at 8:30 AM. Luckily, quite a few attendees were anticipating the talk, so I still had a good crowd. (Hopefully I wasn't too tired to deliver it well.) The talk, PHP Security Audit HOWTO, described the basics of auditing PHP code with a focus on tracking data. I only had 45 minutes to speak, so it's hard to cover much more. My desire is to encourage more peer review within the PHP community, because this is a practice that offers a lot of value and is something almost any development team can do. Although the slides only offer an overview of the actual talk, you might find them useful:

Note: Keynote's Flash export of this talk is rubbish, so I'm only offering a PDF for now. Sorry.

Like Adam, I was filmed for some sort of promotional video. It wasn't scripted or rehearsed in any way, so I'm afraid to see the results. Luckily, it will be edited, so maybe they can salvage something. :-)

As always, it was good to see old friends, make some new ones, and learn something in the process. I think ZendCon was a big success, and I look forward to next year's conference in San Jose.

I have quite a few photos of the conference available in my ZendCon gallery.