Simple is Hard

This talk will focus on the architecture, performance and security of Web 2.0 applications. The Web is inherently simple and lends itself well to highly scalable fast Web applications. But, if you get the architecture wrong, it can have disastrous performance consequences which will be illustrated with tools such as strace, callgrind and xdebug.

Many of the currently popular frameworks do not do a very good job of encouraging people to write fast applications choosing developer productivity over end-user page latencies. There are ways to get both and hopefully after having looked at the architecture and performance of a number of popular web applications and optimized a couple, attendees will have a better appreciation for simple fast architectures and simple modular design techniques.

And since there is no point in building fast and scalable applications if they aren’t secure, I’ll also cover architecting for security and go through the current state of XSS and CSRF security considerations that all Web developers should be familiar with.

While parts of this talk is PHP specific, most of the concepts covered apply to all Web applications regardless of the language they are written in.