Blog

Topics
authentication
Blog
2
Posted by Preston So at Acquia on Oct 11, 2018

Perhaps the most critical component of any decoupled Drupal architecture is a robust authentication mechanism that protects data transmitted between a Drupal site and API consumers like JavaScript

fiberoptic cables against computer code
Blog
1
Posted by Acquia Incident Response Team at Acquia on Oct 2, 2018

On the 28th of March 2018 the Drupal Security Team announced SA-CORE-2018-002, a serious Remote Code Execution vulnerability, which came to be known by many as "Drupalgeddon 2". Here's what we learned defending against it.

Matthew Grasmick and Jeff Geerling presented on Composer and Drupal at DrupalCon Nashville.
Blog
1
Posted by Jeff Geerling on Apr 19, 2018

Fellow Acquian Matthew Grasmick and I just presented

geographic distribution of SA-CORE-2018-002 attacks against Acquia's customers
Blog
1
Posted by DC Denison on Apr 18, 2018

The Acquia blog has a fascinating and important post by Dries Buytaert and Cash Williams on the recent Drupal critical security vulnerability, and it'

bad-password
Blog
4
Posted by Drew Webber at Acquia on Mar 28, 2018

Easy-to-guess passwords are all too often the means by which intruders gain unauthorised access.

Acquia Cloud UI
Blog
0
Posted by Cash Williams at Acquia, Inc. on Mar 9, 2018

One of the common issues I've noticed when working with customers is the tendency to treat non-production environments, such as dev or stage, as less important with respect to security.

This is understandable since these environments are effectively disposable and could be rebuilt from production at any time. However an important consideration that should be taken into account is what data lives in these environments.

Travis CI guy
Blog
4
Posted by Cash Williams at Acquia, Inc. on Nov 14, 2017

For the past 6 years, private Github repositories using Travis CI have been vulnerable to a privilege escalation attack.

Acquia's team at DrupalCon Asia Mumbai
Blog
0
Posted by Jeffrey McGuire at Acquia, Inc. on Apr 19, 2017

If you’re coming to DrupalCon Baltimore and you’re curious about Acquia, there are a couple of ways to meet the company and see what we’re about beyond the marketing and sales efforts that get directed at potential clients. One great way is to come to our sessions!

password screen
Blog
0
Posted by Drew Webber at Acquia on Apr 3, 2017

People tend to choose bad passwords if they are allowed to.

Drupal Splash Awards Germany 2017
Blog
1
Posted by Jeffrey McGuire at Acquia, Inc. on Mar 16, 2017

Hamburg, March 15, 2017 - Members of the German Drupal community — contributors, service providers, end users — came together to celebrate their successes in 2016 with the world’s leading open source content management system and application platform at the 2017 German Splash Awards.

Blog
3
Posted by Peter Wolanin on Aug 16, 2016

Do you let users upload files to your Drupal site? You know that "user" is a synonym for attacker, right?.

Drupal logged PHP messages on screen
Blog
2
Posted by Jeff Geerling on Jun 30, 2016

Many developers who work on Drupal (or other web/PHP) projects have error reporting disabled in their local or shared dev environments.

Blog
6
Posted by Heather James on Jun 16, 2016

Good security practices protect your site from hacker attacks. In this article we'll look at some methods for reducing security risks on your site. 

Drupal 8 logo
Blog
1
Posted by Jeffrey McGuire at Acquia, Inc. on Apr 5, 2016

Each day, more Drupal 7 modules are being migrated to Drupal 8 and new ones are being created for the Drupal community’s latest major release. In this series, the Acquia Developer Center is profiling some of the most prominent, useful modules, projects, and tools available for Drupal 8. This week: simpleSAMLphp Authentication.

Drupal 8 logo
Blog
2
Posted by Jeffrey McGuire at Acquia, Inc. on Feb 25, 2016

Each day, more Drupal 7 modules are being migrated over to Drupal 8 and new ones are being created for the Drupal community’s latest major release. In this series, the Acquia Developer Center is profiling some of the most prominent, useful modules available for Drupal 8. This week: Honeypot.

Topics