In this session, I'll show the most common vulnerabilities that our Drupal code can have and how we should be prepared to avoid such an insecure code to be released. The presentation covers trends in vulnerabilities, starting in general aspects then showing Drupal specific ones. I'll also speak about what we should do if we find any vulnerabilities in contributed solutions.
All backgrounds are welcome from Drupal site builders to contributed projects' maintainers! Every one of you will be able to learn and improve your security awareness as being an active participant in the session.
Be ready for some showcases where we'll check Drupal 7 and 8 codes that are vulnerable and will fix them in live!
Balazs is a proud Hungarian Drupalist, lives in Brussels, Belgium. He works as CTO at Petend and as IT Security Analyst, Drupal Security Correspondent and Service Manager at the European Commission. He is currently a Provision Member of the Drupal Security Team.
He started to give talks in 2015 and his main focus is raising awareness for security on open source fields. You can meet him at Drupal camps, talking about how much he loves to be a security researcher and mentor at Drupal fields - catch him in a bar and say 'Hi' to start a conversation!