A matter of safety: Security Practices in Drupal

A matter of safety: Security Practices in Drupal

tags

In this session you will learn about common security website holes, how hackers use them and what you can do as site developer/maintainer to prevent security breeches. Following topics will be discussed:

• Explanation of top 10 security holes categories by OWASP
• Types of attack: it is not just your Drupal site that can be compromised. You will learn about the weak spots in your providers’ web server and beyond
• How to use Drupal in a secure way
• Using permission system properly to secure your applications
• User input output in Drupal and how to prevent hacking through I/O operations
• Drupal security API
• Contributed security modules and automatic security testing tools
• Couple of real world examples: how poorly coded/configured site opens backdoors for hackers and how to enter through those doors

Perhaps you will not become a security expert by the end of this session ;) but you will learn about the sources of danger and about the ways to protect yourself.

Resources