Drupal Security: From startup to enterprise

Cellar Door

Whether you work with a startup or a large enterprise, security should be at the top of mind. The Drupal community has taken some great strides lately to address various security best practices and concerns but many developers just don't know the tools and techniques readily available to them. From encouraging best practices among your team, setting up your server environment, developing secure code or using contributed modules, we'll discuss these best practices for securing your site and your data. 

We'll cover a few of the points from my recent talks in Los Angeles, Barcelona and Bad Camp but also discuss new security developments with Drupal 8 (and Drupal 7) since then and how we can continue to be a more secure community. Also we'll look at new data privacy regulations around the world and how they will change the way we build sites.

This session is aimed at the developers and/or site owner wondering what more they can do to secure their site and the data it collects. Whether you have a site that has hundreds of page views or millions, we will cover practical steps and common holes which will apply to everyone.

Session Track

Coding and Development

Experience Level


Drupal Version