Drupal and Security

What you need to know

Presented by

• Stéphane Corlosquet / @scorlosquet
• Klaus Purer / @_klausi_

These slides: http://scor.github.io/drupal-security-2015/

Stéphane "scor" Corlosquet

• 9+ years with Drupal
• Drupal Security Team member
• RDF in core + contrib
• Definitive Guide to Drupal 7
• We're hiring

Klaus "Klausi" Purer

• Software Engineer, mostly backend
• Project application review admin
• Drupal Security Team member
• REST module in D8 core
• Rules module for D8

Security process

Precautions against XSS

Drupal 7 Update Manager

Drupal 7 Update Manager Notifications

Book on Security in Drupal

References

• Drupal Security Advisories
• Drupal Security Team
• Drupal Security report
• Drupal Security Best Practices guide
• DGD7 chapter 6
• https://groups.drupal.org/security
• Security on docs.acquia.com

Sprint on Friday

• Sprint with the community on Friday.
• We have tasks for every skill set.
• Mentors are available for new contributors.
• An optional Friday morning workshop for first-time sprinters will help you get set up.
• Follow @drupalmentoring