Let’s write secure Drupal code!

Speaker

Balazs

Janos Tatar

Company:

Petend

I'm Balazs, a Hungarian Drupalist, living in Brussels, Belgium - working as an IT Security Analyst and Drupal Security Correspondent at the European Commission and also leading the technology division of Petend as its Chief Technology Officer.

Since 2015 I give sessions on drupal related events (DrupalCamps, Drupal Europe, uncountable meetups and SecOSday), started with quality assurance topics and turned to security fields in 2017, giving the Let's write secure Drupal code! session many times to raise security awareness for Drupal folks. My drupal community involvement covers a broad spectrum: being an active mentor at the Drupal Core Mentoring, also maintaining the new Mentoring community group on drupal.org and being a Provisional Member of the Drupal Security Team.

You can meet me in Brussels when there is no running DrupalCamp, otherwise I'm pretty much present at most of the European ones - say Hi to me and start a pleasant discussion about Open Source Softwares, Drupal, Security or whatever pops up :)

https://www.drupal.org/u/tatarbj

https://twitter.com/tatarbj

Presentation Description

Level

Basic

Language

In this session, I'll show the most common vulnerabilities that our Drupal code can have and how we should be prepared to avoid such an insecure code to be released.
The presentation covers trends in vulnerabilities, starting in general aspects then showing Drupal specific ones.
I'll also speak about what we should do if we find any vulnerabilities in contributed solutions.

All backgrounds are welcome from Drupal site builders to contributed projects' maintainers! Every one of you will be able to learn and improve your security awareness as being an active participant in the session. Be ready for some showcases where we'll check Drupal 7 and 8 codes that are vulnerable and will fix them in live!