10 Ways Drupal 8 Will Be More Secure

pwolanin

 

In a recent blog post I talked about 10 ways Drupal 8 will be more secure.

Rather than just repeat what's written, this talk will go into more depth and background on those points.

I will place each of thre secuity improvements into the context of more general PHP web application security (such as which OWASP Top 10 vulnerability it relates to).  I will also show some examples where Drupal 7 code had a exploitable vulnerability in the past that would be blocked by design in Drupal 8. 

In addition, since I helped drive a number of the issues and implement changes both in Drupal and PHP itself, I will also spend a little time talking about how some these changes came about starting from seeing potential weaknesses in our PHP code to deciding on what change to implement. 

Session Track

PHP

Experience Level

Intermediate

Drupal Version