Welcome to Laravel Security in Depth!

Hi, I’m Stephen Rees-Carter, welcome to Laravel Security in Depth!

Laravel Security in Depth aims to teach anyone in the Laravel community more about security within the Laravel ecosystem. We focus on a wide range of topics, from writing secure code through to secure policies and workflows. My goal is to pass on all of my experience in the security industry, and hopefully have some fun along the way.

What is Laravel Security in Depth?

Laravel Security in Depth is a mailing list that offers both free and premium subscriptions. The premium subscription only costs $7 a month and gives you access to monthly In Depth emails, and weekly Security Tips, while the free subscription includes a monthly Security Tip.

Monthly In Depth Emails

Each month we’ll dive into an aspect of Laravel security in depth. Some months this will involve writing secure code, or learning how to use standard Laravel features, while other months we might look at how specific security features are implemented within Laravel and why. We may even diverge from code and look at creating secure workflows and policies.

You can use the comments feature to ask questions, so we can dive deeper into a topic or start a discussion. You can even suggest topics for us to cover, or public code snippets to analyse, which will help focus our learning to specific areas of interest. The idea is to cover topics that are relevant to you, so please don’t hesitate to reach out with your suggestions or ideas.

Weekly Security Tips

To fill in the gaps between the monthly In Depth emails, I also send out weekly Security Tips. These are small snippets of code or reminders of features, to refresh your memory and ensure you’re writing secure code. Even those of us who have been in security for years still need reminding of these things!

Free subscribers will receive one of these security tips each month, as a preview of the emails premium subscribers receive weekly. You’re more than welcome to sign up for these alone, although I encourage you to consider a premium subscription if you find these tips useful.

Who Am I?

My name is Stephen Rees-Carter and I’ve been a Laravel developer for over half a decade, focusing on Security for most of that time. I’ve worked in on large SaaS apps, internal toolkits, single-use disposable apps, corporate sites, and more, and even cleaned infected WordPress sites. I have a Security+ certification and am a Certified Ethical Hacker. Security is my passion, and I’ve spent the past couple of years speaking at conferences, showing how easy it is to hack into websites and how you can defend against such attacks.

I have presented my most popular conference talk series “Think Like a Hacker” at Laracon Online, Laracon EU, the International PHP Conference, and Laravel Conf Taiwan. I also have a WordPress variant which has been popular at WordCamps.

I love teaching people about security through practice demonstrations and giving realistic advice.

Tell Your Friends!

If you find Laravel Security in Depth helpful, or if you know someone who would benefit from it, please spread the word.

Share Laravel Security In Depth

I hope you see you on the list!


P.s. Don’t just take my word for it, here are some of the things others have been saying about Laravel Security in Depth and/or my talks upon which it originated:

To find out more about the company that provides the tech for this newsletter, visit Substack.com.