Explore Our Venue

Don't miss our next announcement

Subscribe to our newsletter:

Developer All Attendees Gaige Hall 203

Security in Drupal: what can go wrong?

photo of Benji Fisher

Benji Fisher

Web Platform Developer at Harvard Web Publishing

Let's "get off the island" and look at Drupal security from the point of view of an outsider.

The OWASP Top Ten is an industry standard list of the most common vulnerabilities that can affect web sites. This session will start with an overview of the Top Ten, and then take a more detailed look at a few of these vulnerabilities. We will review some actual Drupal security advisories:

  • What the vulnerability looks like
  • How the Drupal security team communicates the problem
  • The code that was updated to fix the problem

Only a few of the slides fall under the last bullet point. You do not need to be a developer to appreciate the rest.

This session will help teach you about good "web hygiene" and what you can do to make your site more secure. It will also help you recognize when you need to rely on an expert.

Additional Details:

  • Audience level: All Attendees
  • Topic: Developer
  • Room: Gaige Hall 203

Presentation slides:

Download Slides

Updates

Join Us at the Higher Education Summit Keynote: Higher Ed, Civic Trust and the Role of the Web

Discover how higher ed websites can build civic trust and reflect community values. Join Jessica Pontarelli Evans of Brown University as she explores the web’s public purpose at the New England Drupal Camp’s Higher Education Summit keynote.

2025 Keynote Announced!

What happens when you treat curiosity not as a means to an end, but as a design tool in its own right? In this year’s keynote, Jason Pamental unpacks how following hunches, chasing questions, and poking at the edges of the unknown can lead to richer, more resonant digital experiences.