Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
At each opportunity it has, the Drupal Security team tries to help share information about its processes and how to write secure code in Drupal. The attached presentation was given at the Barcelona DrupalCon in 2007.
This presentation discusses security starting with "Why Bother" then discusses just how often holes are present, what kinds of holes there are, which holes are most common, and finally how to fix the most common problems using the Drupal API properly.