Static Analysis for Drupal Sites: Site Audit, Security Review, and Coder


Ever wanted to know if your Drupal site is configured correctly, secure and uses best development practices? Want to integrate those tests into your continous integration setup? Interested in helping add more checks to Drupal sites?

Join Matt Cheney, Pantheon co-founder and Jon Peck, author of Site Audit as we discuss what static analysis is and why we should analyze sites, then explore how to use three industry recognized Drupal analysis tools on both Drupal 7 and 8 sites.

Site Audit is a Drupal static site analysis platform that generates reports with actionable best practice recommendations, and is used to power Launch Check on Pantheon. []

Security Review automates testing for many of the easy-to-make mistakes that render your site insecure. []

Coder checks your Drupal code against coding standards and other best practices. []

By collaborating on and using standardized analysis tools, developers can save time and overhead and focus on delivering value.

Matt Cheney (populist) - Matt is a long time Drupal developer who co-founded both Pantheon Systems (a Drupal platform service) and Chapter Three (a design and development shop). He is an active Drupal event organizer (Drupalcon San Francisco, BADCamp) and contributor to Panels, including being the maintainer of Panopoly.

Jon Peck (fluxsauce) - Jon is a Senior Engineer at Four Kitchens and a author with 13 courses on development. He’s spoken at many Drupal Camps about performance, site auditing and deployments. He’s the author of multiple Drupal utilities, including site_audit, generate_errors, feeds_import_io, and a co-author of Terminus.

Session Track

Coding and Development

Experience Level


Drupal Version