Security overview of Plone

  • Nejc Zupan
  • October 2011

Slide contents

  • Security overview of Plone
  • Plone what?
  • Big Players
  • Plone what?
  • Best security track?
  • ... in numbers
  • How does Plone fight for security?
  • 10 most common security vulnerabilities
  • V1: Unvalidated Input
  • V2: Broken Access Control
  • V3: Broken Authentication and Session Management
  • V4: Cross Site Scripting
  • V5: Injection Flaws
  • V6: Improper Error Handling
  • V7: Insecure Configuration Management
  • When shit hits the fan
  • Thanks!