Drupal’s Security Team has been one of the most critical and long-lasting sub-groupings throughout the entire existence of Drupal as an open source project. This team of volunteers evaluates, processes, and reviews security reports and fixes, helping to ensure that Drupal as a project maintains its status as highly secure software.
In this Tag1 Team Talk, Tag1 Managing Director Michael Meyers is joined by Drupal Security Team member Michael Hess. In this installment, they will talk about what the Security Team does, who does it, and how. They will also differentiate between the Security Team and the Working Group, and how their responsibilities overlap but are not the same.
If you’ve ever reported a security issue, or wondered how security reports are handled, this talk explains it all. And if you’ve ever considered joining the Drupal Security Team, get the inside scoop on how that happens, here.
Click here for Part 2
The Open Web Applications Security Project (OWASP) developed the list of Top 10 Security Vulnerabilities
For a transcript of this video, see Transcript - Understanding the Drupal Security Team with Michael Hess, part 1.