Drupal’s Security Team has been one of the most critical and long-lasting sub-groupings throughout the entire existence of Drupal as an open-source project. This team of volunteers evaluates, processes, and reviews security reports and fixes, helping to ensure that Drupal as a project maintains its status as highly secure software.
In this Tag1 Team Talk, Tag1 Managing Director Michael Meyers is joined by Drupal Security Team member Michael Hess. In this installment, they’ll talk about what the Security Team does, who does it, and how. They will also differentiate between the Security Team and the Working Group, and how their responsibilities overlap but are not the same.
If you’ve ever reported a security issue or wondered how security reports are handled, this talk explains it all. If you’ve ever considered joining the Drupal security team, get insider information on how that happens, here.