Our Community Projects

Security experts take care of their community, both online and offline.

Open Source Software Projects



C.M.S. Airship

Secure-by-default PHP 7 content management system powered by libsodium.

View details »

Halite

The power of libsodium, the simplicty of Paragon Initiative Enterprise engineering.

View details »

Pharaoh

Compare executable PHP Archives. Verifies builds are reproducible, stops malware.

View details »

For the Benefit of the Community



Curated Application Security Reading List

A curated list of resources for learning about application security maintained by our team based on the recommendations of the security community.

Anti-CSRF

Full-Featured Library to prevent Cross-Site Request Forgery vulnerabilities.

Certainty

Automated CACert.pem management for PHP projects, to promote a more secure Internet.

Chronicle

Self-hostable microservice, built with Slim Framework, that provides a sapient API which enables authorized users to commit arbitrary data to an immutable, append-only public ledger.

CipherSweet

Searchable field-level encryption library.

Constant-Time Encoding

RFC 4648 compatible character encoding that doesn't ever use table look-ups indexed by secret data.

CSP Builder

Easily integrate Content-Security-Policy headers into your web application, either from a JSON configuration file, or programatically.

Discretion

Microservice for "Contact Us" forms that GnuPG-encrypt all outgoing emails.

EasyDB

PDO lacks brevity and simplicity; EasyDB makes separating data from instructions easy (and aesthetically pleasing). EasyDB was created by Paragon Initiative Enterprises as part of our effort to encourage better application security practices.

Easy-ECC

Usability wrapper for PHPECC. Deterministic ECDSA and authenticated encryption.

EasyRSA

Simple and secure wrapper for phpseclib (uses defuse/php-encryption for symmetric-key encryption)

GPG-Mailer

Send PGP-encrypted and/or PGP-signed emails with Zend\Mail and Crypt_GPG in one simple interface.

HPKP Builder

Easily integrate HTTP Public-Key-Pinning in your PHP applications.

Ionizer

Structured Input Filter with Strict Typing

Multi-Factor

Vendor-Agnostic Two-Factor Authentication Library

Password Lock

Hash then encrypt your customers' passwords.

This library was motivated by this blog post from security expert Anthony Ferrara.

PASETO

Platform-Agnostic SEcurity TOkens.

Quill

A simple client for writing to a Chronicle instance.

random_compat

PHP 5.x polyfill for random_bytes() and random_int(), which are simple interfaces for cryptographically secure random number generators added in PHP 7.0.0.

  • random_bytes(int) generates an arbitrary number of random bytes
  • random_int(int, int) returns a random integer between two given values (inclusive)

For more information, see random_bytes() and random_int() in the PHP manual.

Sapient

Secure API toolkit. Sapient secures your PHP applications' server-to-server HTTP(S) traffic even in the wake of a TLS security breakdown (compromised certificate authority, etc.).

SeedSpring

Seeded, Deterministic PRNG (based on AES-CTR instead of LCG)

sodium_compat

Pure-PHP implementation of the cryptography features offered by libsodium


Need Technology Consultants?

Will tomorrow bring costly and embarrassing data breaches? Or will it bring growth, success, and peace of mind?

Our team of technology consultants have extensive knowledge and experience with application security and web/application development.

We specialize in cryptography and secure PHP development.

Let's Work Together Towards Success

Our Security Newsletters

Want the latest from Paragon Initiative Enterprises delivered straight to your inbox? We have two newsletters to choose from.

The first mails quarterly and often showcases our behind-the-scenes projects.

The other is unscheduled and gives you a direct feed into the findings of our open source security research initiatives.

Quarterly Newsletter   Security Announcements