
When Adrian from Softescu reached out to me, it was the first time I had heard about the Drupal HackCamp. A whole camp focused on security – SURE!
I’ll write more about the camp later. Let’s start with my slides here first!
Slides
Conclusions
- Web Application Firewalls buy you time until you update your site
- Update your core and modules regularly (at least the critical modules)
- Automate your processes! Sometimes you only have a couple of hours until attacks roll in.
- Have several layers of security – it will pay off in the long run
- It’s not humans that exploit your site – It’s bots
- We should come up with a better naming than shouting Drupalgeddon 😉
Resources
There are many, many resources linked directly in the talk, but I’ll highlight a few here:
- Checkpoint Research Blog article on exploiting SA-CORE-2018-002
- Article on Exploiting Drupal sites to mine Cryptocurrencies
- Fastly on mitigating SA-CORE-2018-002
- Github Security Scanning
- Drupal Automatic Updates Initiative
- Attacks we saw rolling in at amazee.io after the exploit was published