Insecure Drupal code: Mistakes not to make — Video Available

Drupal provides a good API for developing secure modules and sites, but mistakes happen and best practices are missed in the process of making deadlines. This session will cover popular and prevelant Drupal security risks on the web and how to write secure Drupal code.

Agenda

  • Security risks on the web
  • Common vulnerabilities found in Drupal code
  • XSS, CSRF, Access Bypass
  • Automated tools to make your life easier

Speaker

Ben Jeavons (drupal.org user coltrane) has been a contributor to the Drupal project since 2007, has written many modules including the security configuration audit tool, Security Review, and is a member of the Drupal Security Team.

Files

AttachmentSize
badcamp-insecure-code.pdf3.89 MB
The video for this session is available on archive.org. There may be sound dropouts in the video — it's not your computer.
https://archive.org/details/InsecureDrupalCodeMistakesNotToMake
Sunday, Oct, 27th
10:00am - 10:45am

Speaker(s)

Skill Level