Drupal Planet

Automatic updates - a study by the University of North Carolina State

A study from the North Carolina State University discovered that projects which are using open source libraries are updated 60% more often when using automatic updates via pull requests. The base of the study are 7,470 repositories on GitHub. This blog post is a summary of the most important facts and highlights of the methods, challenges and tools when it comes to use of automation for reaching a higher security level while using open source libraries.

There are 3 main facts why open source updates are a pain for developers

  1. Developers are always busy and doing updates is no fun

Drop Guard is cutting costs by 40% - facts and figures

While working with other agencies and NGOs during the last 1,5 years, we collected more and more information about the time and money that Drop Guard will save your agency. On our website, we claim that Drop Guard will cut your update costs by 40%. CTOs and COOs want to challenge numbers like this and ask how exactly this ROI is calculated. That’s why I want to share the detailed information in this blog post with you.

Security updates are released every Wednesday. If you work in a Drupal shop that cares about security, you have to apply updates for every site every Wednesday or at least Thursday.

DrupalCon's 5 top DevOps & Automation sessions

With the end of September, DrupalCon Vienna is also coming closer and we can't wait to welcome you to our booth #S08. As a Silver sponsor of the event, we'll have the chance to present continuous update management to you on site. But - we also can't wait to learn a lot from other agencies and attendees! At DrupalCon there's always a chance to learn something new, be it a whole new approach or a connecting piece of unidentified issues - by asking but most of all by listening.

 

What’s on the Drop Guard roadmap this month? A forecast

Drop Guard is in a continuous process of optimization and development. As it is still a unique platform concept on the market place, we started years ago with a sketchy blueprint of what Drop Guard is today - and rather will be in future. With this post I will give you a quick overview of what is planned and something which is a little secret between you and me.

 

Setting up Drop Guard as a bigger agency - an experience report

When it comes to new tools, different workflows or any other kind of process changes, a company needs to ensure that the changes happen as smooth and resource saving as possible. 
Drop Guard will undergo some big improvements this year to keep this switch for our users, developers, small Drupal shops and big agencies, as simple as possible. Besides outside-feedback from customers, we always love to hear the thoughts of our own team members. This time, we want to share an interview with our web developer Serkan Bekdemir, who’s now responsible for the Drop Guard usage in our own company, Bright Solutions

Enjoy a scoop of honest critique and suggestions!

What's keeping us busy this spring

We, at Drop Guard, never stop thinking what else can we do to help Drupalistas around the world to get aboard of the continuous update process ship (as we call it) as soon as possible. More and more threats are being discovered every day, and it's absolutely imperative to stay alerted all around the clock either with help of automation platforms like Drop Guard or doing things your own way.

New security challenges arise

Two days ago another highly critical security update affected Drupal and many other CMS systems. It was the PHPMailer Library which leaves millions of websites vulnerable to the remote exploit (see https://www.drupal.org/psa-2016-004 for details). In comparison to Drupalgeddon which had a risk of 25/25 this update has 23/25. BUT there are some things which make this update even riskier than Drupalgeddon: