Talk

Snuffleupagus - Killing bugclasses in php7, virtual-patching the rest

conf 2017-11-16 15:40 – 16:30 FR

Suhosin is a great PHP module, but unfortunately it's getting old: new ways have been found to compromise PHP applications, and some aren't working anymore, and it doesn't play well with the shiny new PHP 7. As a secure web-hosting company, we needed a reliable and future-proof solution to address the flow of new vulnerabilities that are published every day. This is why we developed Snuffleupagus, a new (and open-source!) PHP security module that provides several features we needed: passively killing several PHP-specific bug classes, but also implementing virtual patching at the PHP level, which makes it possible to patch vulnerabilities in a precise, false-positive-free, ultra-low-overhead way, without even touching the applications' code.
