Drupal is one of the most secure open source frameworks in the world - if you use it right. If not it can be open(ed) for everyone.
This session will show the most important best practices to keep Drupal sites secure in every stage of a project's lifecycle, which are:
Hosting and Operation
As modern open source software, and Drupal in particular, is more and more based on other open source libraries I will present a workflow and tools to establish continuous security for Drupal (and other library based open source software) with integration into development and QA processes.