PHP holds the bar as one of the most popular and sought-after technologies for web development. As W3Techs shows, PHP code is running on 76.8% of all websites around the globe.
We are very excited to announce that the latest version of Bearer now supports PHP in Beta, with more than 50 rules already available, providing a good level of security risks and vulnerabilities coverage. For the PHP support in this release, we have included a strong focus on the popular Symfony framework.
If you want to start scanning your PHP applications today, it’s very simple:
- Install or upgrade Bearer CLI to the latest version: https://github.com/Bearer/bearer
- Run the bearer scan command in your repo, on your machine or in your CI/CD.
- Read report, fix findings, and enjoy shipping secure code 🎉
An example of a scan report of a PHP codebase is shown as a reference below:
Today, we are also announcing the release of Alpha support for Go and Python! We have a few rules available for both of them, acting mostly as examples - especially relevant if you’re interested in building your own custom rules. You may want to develop custom rules to protect your unique business logic and enable guardrails, such as approved authentication patterns, cryptography guidance, and ban insecure APIs.
A note on language support:
With this release, we have decided to change our language support level definition to better reflect how users value Bearer. From now on, every support level (GA, Beta, Alpha) offers the full set of features, and especially the ability to scan code for security risks and vulnerabilities. It means that Go and Python, both in Alpha, also provide a few rules for now, and especially give the ability to anyone to build their own.