Drupal Security: Protect Against CSRF [May 15, 2012]
Want to learn more about Acquia's products, services, and happenings in the Drupal Community? Visit our site: http://bit.ly/yLaHO5.
In this webinar, Greg Knaddison (Drupal Security Team Lead & Acquia's Director of Security Services) will provide an introduction to Cross Site Request Forgeries (CSRF) and strategies for how to protect against it using Drupal's API. CSRF is a common developer mistake, especially when creating rich, Ajax interfaces. The webinar will start by diving deep into the technical details of how CSRF attacks work including a demonstration of recent CSRF vulnerabilities. Next we'll look at the two most common recipes for fixing CSRF in Drupal. The session will end with a Question & Answer period where you can ask your questions about how CSRF works.