Talking about security in Drupal
This coming fall we'll be talking about security in Drupal so much I can barely believe it.
Acquia Webinar - October 8th online
First up is an Acquia Webinar, which will be a review of security in general and then we'll show two common mistakes that cause the majority of the problems in Drupal sites and modules. The talk will discuss the topic area broadly covering the perspectives of business users, technical users, and developers.
Note, you must register for the webinar before it happens.
BADCamp - October 17th and 18th near San Francisco
Ben Jeavons, a recent addition to the Growing Venture Solutions team, will be speaking on our behalf at the Bay Area Drupal Camp out in California. He will be giving a talk aimed at beginners and site admins called Drupal Security for site administrators and beginners
AppSec - November 12th and 13th in Washington DC
Ben and I will both be headed out to AppSec - the Application Security conference hosted by OWASP - the Open Web Application Security Project. We'll be there mostly to learn and share ideas, not give any presentations per se. But I do think that Drupal's security tools and philosophies could one day form the basis of a presentation at OWASP conferences. We particularly look forward to learning from other folks about security team process - the Drupal security team is always looking to follow best practices and improve upon them.
Do it with Drupal - December 9th, 10th, 11th in New Orleans
I'll be headed down to New Orleans for this year's Do It With Drupal conference. The feedback from last year's event was quite positive and I'm sure that it will be a great event again this year. My talk at DIWD will probably be a mix of sysadmin and developer and general security education - I've got over an hour to play with, so I'm looking forward to it.
Free copies of Cracking Drupal ;)
Yes, that's right, at all of these events we will be giving out free copies of Cracking Drupal to a few lucky audience members. So please come on by and say hello, ask great questions and you may be a lucky winner as well.
Security Review for your Drupal Site
These presentations are nothing new for Ben and I. I've been giving them since Drupalcon DC and Ben since Drupalcamp Colorado. Historically we've given them with the goal of educating the public and hoping to reduce the work the Drupal security team has to do. Educated developers make for secure developers.
What is new is our security review service. More details about that after the Acquia webinar, but if you're interested in having a site or module reviewed for its security please contact us.