Drupal Security for Coders

Time slot: 
March 8th, 1:45 PM - 2:45 PM
Room: 
Sheraton 4 & 5
Track: 
Coder
Experience: 
Intermediate

In this session you will learn about the most common vulnerabilities created in Drupal sites, how to exploit them, and how to protect against them. Based on years of experience on the Drupal Security Team and doing security reviews for websites, the presenters will show specific details for finding and using weaknesses in Drupal sites. Seeing the problems is the start: then you will learn how to write and patch code to fix security weaknesses. Finally we'll cover the many newly available tools for automated scanning of Drupal code.

Video on archive.org.

Intended audience: 

Developers and programmers

Questions answered by this session
Question 1: 
What are the most common security vulnerabilities in Drupal and web applications?
Question 2: 
How can I identify Cross Site Scripting, Cross Site Request Forgery?
Question 3: 
What are the steps to fix vulnerable code?
Question 4: 
How can I use automated tools to keep my site safe?
Question 5: 
What should I do if I find vulnerabilities?
Drupal Security for Coders has been selected and voting is closed.

Comments

Slides or URLs

Where can we get the slides or list of URLs?

Diamond Sponsors

 
VPS NET
Palantir.net

Platinum sponsors

 
workhabit
Trellon

Gold Sponsors

 
Chapter Three
Treehouse Agency
Microsoft
NorthPoint
Duo
HotDrupal.com
Drupal Connect