Joomla attended the CMS Security Summit at Google in Chicago

January 30th 2019 - It’s freezing cold in Chicago today and according to the news, it’s even colder than on the Mount Everest - so a perfect day to stay inside a warm building, sitting in front of your machine and having a (sorry, bad Everest joke) summit!

The Joomla Security Strike Team (JSST) was invited to send a delegation to the CMS Security Summit, organised by Google and taking place in Chicago. JSST leads David Jardin and Tobias Zulauf took that opportunity and travelled to Illinois to meet security team leads from other CMS, web hosts and of course a bunch of Googlers representing various projects and initiatives from the company.

Having a face-to-face meeting with folks from other fellow CMS (namely WordPress, TYPO3 and Drupal) and other players in our ecosystem (such as Symfony’s Security lead) was an incredibly valuable experience for us. Work in the IT-security sphere is based on “trust” in many different ways, so meeting other security folks, starting personal relations and building exactly that kind of trust will be extremely helpful in the future when it comes to cross-project communication.

Besides these rather “implicit” results, we also identified various concrete issues that affect us all and where cross-project collaboration would be very beneficial:

Overall it was a great event and a very good starting point to provide better security for all of our users and to have even better cross industry collaboration about securing the web.

We would like to thank Google for the invitation and the perfect organisation as well as the other attendees for such a great summit with lots of great and positive discussions. We are looking forward to more similar events and cross industry collaboration that will be a benefit for all of our users.