Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Today we are talking about Drupal Security with Mark Shropshire & Benji Fisher.
For show notes visit: www.talkingDrupal.com/396
Topics- Why do you care about security
- Best tips for securing Drupal
- Common Security Issues people have with Drupal
- Convincing module maintainers to do full releases
- Testing to ensure security
- Guardr Drupal security distribution
- What does the Drupal Security team do
- Finding issues
- Review compromised sites
- Becoming a member
- Process for writing security notices
- Helping the security team
- How to Join the Drupal Security Team
- How to get involved
- Passwords:
- Discussed at this BadCamp talk - Sleep Better at Night with a Secure Drupal Site
- OWASP
- OWASP Zap baseline
- Benji's talk introducing the OWASP Top Ten
- Github repo building and testing guardr
- Sam Mortenson talk
- Guardr core
Benji Fisher - tag1consulting.com @benji17fisher Mark Shropshire - shrop.dev @shrop
HostsNic Laflin - www.nLighteneddevelopment.com @nicxvan John Picozzi - www.epam.com @johnpicozzi Jordan Graham - @jordanlgraham
MOTW CorrespondentMartin Anderson-Clutz - @mandclu CrowdSec Integrates your Drupal site with the open source CrowdSec Security Engine, a collaborative malicious activity detection and remediation tool.