Security Summit

Date: Tuesday, April 9
Time: 9:00 am - 4:30 pm
Cost: $250 (Coffee and lunch included)
Hashtag: #DrupalSecurity

This Summit aims to help connect you with other Drupal users who actively work on making their sites safer, to learn from each other about best practices, new trends, and generate ideas in a day that includes collaborative peer discussion and a red team activity.

Who should attend?

Anyone interested in web security. We will discuss common vulnerabilities and how to protect them. We will hear from folks that find security issues in public sites. We will also hear about Drupal Steward and the unique problems it can solve.

Why attend?

We will be covering information on Drupal security and web security Depending on audiences wishes, we may do a live hacking exercise.

We will discuss what the Drupal security team is and how they do their work.

Agenda*

*Subject to change.

9:00am - 9:15am	Welcome and Introductions
9:15am-10:15am	Sessions Learn about different types of vulnerabilities in Drupal via stories - Michael Hess Coordinated disclosure, cross-project collaboration, and Drupal 8 security - Jess (xjm) Death by a thousand dependencies - Cash Williams
10:15am - 10:45am	Coffee break
10:45am - 11:45am	Drupal Steward introduction
11:45am - 12:45pm	Lunch
12:45pm - 3:15pm	Sessions Drupal Long Term Support & Extended Support updates - David Snopek 10 Ways Drupal 8 is More Secure - Peter Wolanin Storming the Iron Castle BeEF - Benni Mack Security research and hacking - Live! - Samuel Mortenson
3:15pm - 3:45pm	Coffee Break
3:45pm - 4:30pm	How to write insecure Drupal 8 code - Samuel Mortenson Final Questions
4:30pm	Summit adjourns
5:00pm	Exhibitor Reception in the Exhibit Hall, Level 4