Upload
dinhkhanh
View
214
Download
0
Embed Size (px)
Citation preview
Project a Secure Web 2.0(using Drupal)
Paolo Ottolino PMP CISSP-ISSAP CISA CISM OPST ITIL paolo.ottolino (at) isc2chapter-italy.it
May XX, 2016
Agenda
Web 2.0 & CMS
Drupal Security
CMS Cyber Risk
Agenda
Web 2.0 & CMSNeeds, Functionalities, Selection
Web 2.0: Insecure by Design?
Web 2.0 & CMS: Logical Architecture
CMS Solution: Top 3 used products
Most wanted CMS Functionalities…
UK and EU Org & Biz use Drupal…
… but also US makes strong use of Drupal!
Full CMS Functionalities
Agenda
CMS Cyber RiskThreats, Vulnerabilities, Countermeasures
CMS Threats: Security Hacking
CMS Vulnerabilities: Open Web Application SecurityProject
CMS Vulnerabilities: OWASP Top10
CMS Risks: Risk-Threat-Vulnerability Map
CMS Risks: DevOps Security Strategy
CMS Risks: DevOps Security Strategy
Agenda
Drupal SecuritySecurity DevOps, Keeping Secure, Drupal 8
Drupal Security DevOps Strategy
Keeping Secure: CMS Patch Comparison
Keeping Secure: Drupal actors (1/2)
Keeping Secure: Drupal process (2/2)
Keeping Secure: Drupal process (2/2)
Drupal8: Cover the Lacking Functionalities…
Drupal 8: Welcome Easiness!
Grazie
Paolo OttolinoPMP CISSP-ISSAP CISA CISM OPST ITILpaolo.ottolino (at) isc2chapter-italy.it