Running a blog or CMS-based web site is a big responsibility. For an organization, a single poorly secured web site can be the foothold an attacker needs to breach a network. If you run a small business, you could be putting your clients in danger. The challenges to add security to these deployments can often be confusing when trying to figure out what to secure and how to do it.
This talk will go over a number of security enhancements that most administrators can make in minutes that collectively can add some much needed security hardening to your typical Drupal deployment. Mark will provide insights into why certain steps are needed and the realities of not following the guidance being given from someone who has not only had to secure web sites for years, but also break into them for his job. If you run Drupal and care about keeping your clients or organization secure, you'll want to catch this talk!