Open Source CMS : How secure are they?

The slides I used for my presentation at 'Software Freedom Day' conference in 2015 - Casablanca.

  1. Open Source CMS: How secure are they? Software Freedom Day 2015
  2. Who Am I?
     • Yassine ABOUKIR
     • 2nd year business student at ISCAE Casablanca
     • Web application security analyst
     • Participant in bug bounty programs
     • Listed in the Hall of Fame of: Google, Facebook, Twitter, Microsoft, Yahoo, PayPal, Adobe etc.
  3. Why this topic?
  4. CMS, what's that? C: Content, M: Management, S: System
  5. Popular Open Source CMS
     • https://www.wordpress.org/
     • https://www.drupal.org/
     • https://www.joomla.org/
     • http://www.concrete5.org/
  6. GPL (General Public License)
  7. Open Source CMS market share. Statistics from Web Technology Surveys
  8. Some advantages
     • Free
     • Simple
     • Popular
     • Save time
  9. How secure are they?
     • "There is no such thing as absolute security"
     • "Security through transparency"
  10. How secure are they? "Drupal 8 Security bug bounty program: Get paid to find security" 50$ - 1000$. Via: https://bugcrowd.com/drupal
  11. How secure are they? "Automattic will pay you for security bugs in WordPress" Minimum is 50$. Via: https://hackerone.com/automattic
  12. How secure are they? "Concrete5 will pay you for security bugs" Minimum is 50$. Via: https://hackerone.com/conrecte5
  13. Final thoughts!
     • Plugins and themes are way more vulnerable.
  14. Final thoughts!
     • Create a regular schedule to update or patch the CMS and all installed plugins and themes.
     • Regularly back up the CMS and its underlying database.
     • Set up a web application firewall: Incapsula, Cloudflare, Sucuri etc.
  15. Thank you! Follow me on Twitter: https://twitter.com/Yassineaboukir. I blog at http://yassineaboukir.com/blog