PHP is, in my humble opinion, unfairly treated within the security community. Sure, there are a lot of examples of vulnerable PHP code floating around, and outdated WordPress is definitely an easy target, but modern PHP apps are secure and the PHP community does care a lot about security. So I want to take you on a journey from the early days of PHP through to now, looking at different frameworks that have come and gone and where the current state of security is in PHP. I may even defend modern WordPress… maybe…