Drupal Security for Coders

Time slot: 
March 8th, 1:45 PM - 2:45 PM
Room: 
Sheraton 4 & 5
Track: 
Coder
Experience: 
Intermediate

In this session you will learn about the most common vulnerabilities created in Drupal sites, how to exploit them, and how to protect against them. Based on years of experience on the Drupal Security Team and doing security reviews for websites, the presenters will show specific details for finding and using weaknesses in Drupal sites. Seeing the problems is the start: then you will learn how to write and patch code to fix security weaknesses. Finally we'll cover the many newly available tools for automated scanning of Drupal code.

Video on archive.org.

Intended audience: 

Developers and programmers

Questions answered by this session
Question 1: 
What are the most common security vulnerabilities in Drupal and web applications?
Question 2: 
How can I identify Cross Site Scripting, Cross Site Request Forgery?
Question 3: 
What are the steps to fix vulnerable code?
Question 4: 
How can I use automated tools to keep my site safe?
Question 5: 
What should I do if I find vulnerabilities?
Drupal Security for Coders has been selected and voting is closed.

Comments

Slides or URLs

Where can we get the slides or list of URLs?

Diamond Sponsors

 
Palantir.net
VPS NET

Platinum sponsors

 
Trellon
workhabit

Gold Sponsors

 
HotDrupal.com
Duo
NorthPoint
Chapter Three
Drupal Connect
Microsoft
Treehouse Agency