Are you losing sleep, worrying about your Drupal site’s security? That isn’t healthy! With Drupal being used for building websites and applications in government, non-profits, higher education, and corporate enterprises, it is important to make sure that projects follow regulatory and organizational security controls. Are you ready to learn how to take immediate steps to improve the security of your Drupal installation? Great, let’s get get started.
This session will provide the details you need to create a security-first plan to enhance Drupal’s strong security foundation with community-contributed modules. Attendees will learn how to leverage these community contributions to ensure Drupal’s ability to provide confidentiality, integrity, and availability for your users.
Drupal core and contributed module security enhancements will be demonstrated live. These demonstrations will show how to address many of the concerns listed in the globally recognized OWASP Top 10 Web Application Security Risks document. In addition, attendees will learn how to keep up with official security announcements from the Drupal Security Team, understand Drupal security advisories, and find resources to learn more about Drupal security.
Security risks and improvements covered
Attack surface reduction
Broken Access Control
Cross-Site Scripting XSS
Insufficient logging & monitoring
Using components with known vulnerabilities
Senior Director of Development at Mediacurrent
As a Senior Director of Development, Mark “shrop” loves working at the intersection of leadership and technology. Over his 20-plus-year career as a technical team leader, Shrop held IT roles at a large urban research university and a nationally recognized graphic communications company prior to Mediacurrent. He has a passion for personal and team growth, aligning individual purpose with Mediacurrent’s vision. Shrop focuses empowering teams to excel while using best of class open source technology solutions.
Shrop is active in the Charlotte North Carolina tech community through meetup group leadership, mentorship, and participation. He believes giving people a chance and helping them grow and find careers in tech changes lives.