10 Ways Drupal 8 Will Be More Secure

In a recent blog post I talked about 10 ways Drupal 8 will be more secure.

Rather than just repeat what's written, this talk will go into more depth and background on those points.

I will place each of thre secuity improvements into the context of more general PHP web application security (such as which OWASP Top 10 vulnerability it relates to).  I will also show some examples where Drupal 7 code had a exploitable vulnerability in the past that would be blocked by design in Drupal 8. 

In addition, since I helped drive a number of the issues and implement changes both in Drupal and PHP itself, I will also spend a little time talking about how some these changes came about starting from seeing potential weaknesses in our PHP code to deciding on what change to implement.