At each opportunity it has, the Drupal Security team tries to help share information about its processes and how to write secure code in Drupal. The attached presentation was given at the Barcelona DrupalCon in 2007.

This presentation discusses security starting with "Why Bother" then discusses just how often holes are present, what kinds of holes there are, which holes are most common, and finally how to fix the most common problems using the Drupal API properly.




pdf file - 833KB