We talk with prolific Drupal contributor Sam Mortenson about one of his projects. The Tome modules will turn your Drupal 8 site into static HTML. It's a big boost to security, maintenance, and speed.
Mike and Matt talk with the leads of Drupal's "Automatic Updates" initiative to discuss the security, limitations, status, and gotchas of automatic updates.
Previously, I discussed using environment variables as a way to keep access credentials and sensitive data out of your code repository. Find out how they can also be used during API migrations.
Committing the values of your access credentials, such as keys, secrets, and tokens to your Git repository as plain text values in your code is not secure. Find out how you can protect your data.
A Drupal site with private and confidential data brings with it some unique risks. This article provides a checklist to ensure the sensitive data on your site is secure.
We caught up with Wordpress Security Team Lead Aaron Campbell at DrupalCon Nashville to learn about the Open Web Lounge, what's happening with Wordpress Security, and how these communities get along.
Chris gives us a preview of his security talk at BadCamp, tells us why we should say yes to the Drupal community, and explains how a past "yes moment" at DrupalCon Denver is now saving lives.
This article explores what steps to take if you lose a 2FA device, specifically relevant to a person who uses LastPass for password storage, Gmail, and an app for token generation.
