highperapp / security
Enterprise security management with comprehensive compliance frameworks (HIPAA, PCI-DSS, GDPR, CCPA+), payment tokenization, and advanced threat protection
dev-main
2025-10-03 01:33 UTC
Requires
- php: ^8.3|^8.4
- amphp/parallel: ^2.0
- highperapp/crypto: ^1.0
- psr/http-message: ^2.0
- psr/log: ^3.0
Requires (Dev)
- phpunit/phpunit: ^10.0
Suggests
- ext-geoip: For geo-location based security and compliance features
- ext-libsodium: For enhanced cryptographic operations and secure memory handling
- aws/aws-sdk-php: For AWS CloudHSM integration and cloud compliance features
- google/cloud: For Google Cloud HSM and compliance monitoring
- guzzlehttp/guzzle: For integrating with iplocation.net API (free alternative for IP geolocation)
- hashicorp/vault-php: For HashiCorp Vault integration
- league/uri: For enhanced URI parsing and validation
- maxmind/web-service-common: For IP geolocation and fraud detection (commercial service)
- microsoft/azure-storage: For Azure Key Vault integration
- ramsey/uuid: For enhanced UUID generation in tokenization
- symfony/rate-limiter: For advanced rate limiting capabilities
This package is auto-updated.
Last update: 2025-10-03 12:02:05 UTC
README
Enterprise security management with comprehensive compliance frameworks and advanced threat protection.
Features
- 🛡️ Multi-Layer Security: Input validation, XSS protection, CSRF prevention
- 🔐 Enterprise Compliance: OWASP Top 10, SOC 2, ISO 27001 compliance
- ⚡ Async Processing: Non-blocking security checks with AMPHP
- 🎯 Threat Detection: Real-time security monitoring and alerting
- 📊 Security Audit: Comprehensive logging and compliance reporting
- 🔧 Configurable Rules: Customizable security policies
Installation
composer require highperapp/security
Quick Start
<?php use HighPerApp\HighPer\Security\SecurityManager; $security = new SecurityManager([ 'csrf_protection' => true, 'xss_protection' => true, 'sql_injection_detection' => true ]); // Validate user input $input = $_POST['user_data']; $isSecure = yield $security->validateInput($input); if ($isSecure) { // Process secure input } else { // Handle security threat $threats = $security->getDetectedThreats(); }
Security Features
CSRF Protection
// Generate CSRF token $token = yield $security->generateCSRFToken(); // Validate CSRF token $isValid = yield $security->validateCSRFToken($_POST['csrf_token']);
XSS Protection
// Sanitize user input $cleanData = yield $security->sanitizeInput($userInput); // Advanced XSS detection $hasXSS = yield $security->detectXSS($htmlContent);
SQL Injection Detection
// Check for SQL injection patterns $isSafe = yield $security->validateSQLInput($query);
Requirements
- PHP 8.2+
- AMPHP v3+
- highperapp/crypto for encryption features
License
MIT