We can be better at application security

Help me build an ecosystem of tools & educational resources on authentication & authorization for the PHP Community

My name is Dan Syme. I am the founder of @Cartalyst. We build both open source and proprietary PHP libraries for developers. Chances are you’ve heard of Sentry. It was our first stab at role based authentication / authorization.

A couple years later, a little wiser, and significantly better came Sentinel. Sentinel was a complete refactor of our original auth library. Fast forward another year later and Sentinel v3 is well underway with new features, add-ons, and a robust implementation pattern.

Fundamentals are important to all of us

Learning why and how Authentication and authorization crosscuts your applications can be an intimidating aspect of application design. Unfortunately our inventory of skilled, seasoned engineers that are available to mentor the next generation is in short supply.

Sure there are many resources on the subject, but books and discussion can only take you so far. Developers learn best through trial and error, but I think we can all agree this presents too great a risk from employer to end user.

I think we’re one of the few companies that can help. Here’s how.

1. We’ll open source Sentinel (done).
2. We’ll refactor Sentinel documentation from the ground up. Using multiple use case examples.
3. We’ll create tutorials in “recipe” format that contextualize best practices going beyond the how, and answer the why using real scenarios.
4. We’ll create a training demo. An installable application with thorough doc blocks that explain the what and why.
5. We’ll create a site, devoted to the discussion and resources.

All you have to do is get us as close to 25k as possible.

We’ll do the rest!

CROWDFUND VERSION 3