Security in Practice: Tools and Techniques
Security is not a one-time activity that is performed and completed. A mature operation promotes continuous improvement in an ever evolving landscape of threats and mitigation techniques. Where does this leave us in the Drupal community? This presentation focuses on the tools and techniques for promoting security in practice related to Drupal, both the infrastructure and the application. We will explore the different user personas and targeted attacks that can be exploited within typical Drupal applications. I’ll present some high level recommendations for mitigating these attacks, including multiple uses of two-factor authentication, development best practices, security conscious development workflows, continuous integration and DevOps practices, log analysis integration, community contribution, and alert and monitoring solutions. I’ll wrap up exploring future opportunities with emerging topics like secret managers, blockchain, and machine learning.
Speakers
Adam Bergstein
Adam is the Associate Director of Engineering in 2015 at Civic Actions and brings experience in technical architecture and a passion for helping people work together at top-notch productivity. A mentor and team player to the core, Adam participates in the open source Drupal community and views projects as opportunities for teams to grow and shine.
Adam has led development efforts rebranding a national telecommunication company website, integrating the systems of a financial services firm into a modern web solution, and implementing a headless content management system for an international retailer’s e-commerce system. He led development efforts on the redesign of Penn State’s World Campus website, promoting online educational offerings that improve access for non-traditional learners like single parents and members of the military. At CivicActions, he is currently working on a website rebranding project for a government agency.
Before CivicActions, Adam was at Acquia, where he served as a Technical Architect. He spent many years in higher education at Penn State University, where he served as a team lead, developer, faculty member, researcher, and graduate student. He advocates for the trifecta: thoughtfully crafted technology, people-focused solutions, and the power of ongoing learning.
Adam has been researching Drupal 8 and gives back to the community through porting of contributed modules, like Taxonomy Menu and Password Policy. His book-in-progress, “Problem Solving in Drupal 8,” is intended to introduce Drupal 8 strategies to those familiar with conventional web problems. Additionally, he is researching and developing a tool to oversee DevOps for Drupal projects. He loves speaking about what he has learned and can often be found presenting at Drupal Camps and DrupalCons. Adam serves on the IT Board of Juniata College.
Adam holds a masters degree in Computer Science / Information Security from Penn State University and a bachelor degree in Computer Science from Juniata College. He lives in a small town in Pennsylvania where he enjoys seeking out great food and drink, especially craft beer. His life is enriched by his wife, two daughters, and a dog.