Talking Drupal #396 - Drupal Security

April 24, 2023

Today we are talking about Drupal Security with Mark Shropshire & Benji Fisher.

Listen:

00:00

download

Sign up for BONUS CONTENT

Watch:

Topics:

Why do you care about security
Best tips for securing Drupal
Common Security Issues people have with Drupal
Convincing module maintainers to do full releases
Testing to ensure security
Guardr Drupal security distribution
What does the Drupal Security team do
Finding issues
Review compromised sites
Becoming a member
Process for writing security notices
Helping the security team

Resources:

How to Join the Drupal Security Team
How to get involved
Passwords:
- xkcd
- Spaceballs
Discussed at this BadCamp talk - Sleep Better at Night with a Secure Drupal Site
OWASP
OWASP Zap baseline
Benji’s talk introducing the OWASP Top Ten
Github repo building and testing guardr
Sam Mortenson talk
- https://drupal.slack.com/archives/C1DD80ZKM/p1550697032017600
- https://drupal.tv/external-video/2018-02-06/how-write-insecure-drupal-8-code
Guardr core

Module of the Week:

CrowdSec

https://www.drupal.org/project/crowdsec

Integrates your Drupal site with the open source CrowdSec Security Engine, a collaborative malicious activity detection and remediation tool.

Share

Guests

Mark Shropshire

Benji Fisher

https://www.drupal.org/u/benjifisher

Hosts

Martin Anderson-Clutz

www.epam.com

www.nlightened.net

Become a Patron!

Stay Updated

Sign up for our newsletter and receive

E-Mail Updates.

Contact

show@talkingdrupal.com
@talkingdrupal

Promote Your Event

Learn about promoting your Drupal Event on Talking Drupal.

TalkingDrupal.com is hosted Pantheon.

Copyright (c) 2024 TalkingDrupal.com. All rights reserved.