Security in Drupal: what can go wrong?
Let's "get off the island" and look at Drupal security from the point of view of an outsider.
The OWASP Top Ten is an industry standard list of the most common vulnerabilities that can affect web sites. This session will start with an overview of the Top Ten, and then take a more detailed look at a few of these vulnerabilities. We will review some actual Drupal security advisories:
What the vulnerability looks like
How the Drupal security team communicates the problem
The code that was updated to fix the problem
The presenter is a member of the Drupal security team.
The audience for security is "all of the above", or it should be. Owners care if their sites are hacked, or if information is stolen. Builders and administrators need to know and follow best practices. Developers and project managers have to think about what can go wrong.
This session will help teach you about good "web hygiene" and what you can do to make your site more secure. It will also help you recognize when you need to rely on an expert.
Benji Fisher
https://www.drupalcampnj.org/sessions/security-drupal-what-can-go-wrong-0
The OWASP Top Ten is an industry standard list of the most common vulnerabilities that can affect web sites. This session will start with an overview of the Top Ten, and then take a more detailed look at a few of these vulnerabilities. We will review some actual Drupal security advisories:
What the vulnerability looks like
How the Drupal security team communicates the problem
The code that was updated to fix the problem
The presenter is a member of the Drupal security team.
The audience for security is "all of the above", or it should be. Owners care if their sites are hacked, or if information is stolen. Builders and administrators need to know and follow best practices. Developers and project managers have to think about what can go wrong.
This session will help teach you about good "web hygiene" and what you can do to make your site more secure. It will also help you recognize when you need to rely on an expert.
Benji Fisher
https://www.drupalcampnj.org/sessions/security-drupal-what-can-go-wrong-0