Rock-solid Application Security
Security threats are constantly on the rise and every application is a target. With threat prevention, security processes, and world-class application design patterns, your Drupal applications are fortified from day one.
Role-Based Access Control
All access is based on customizable roles and permissions. Roles are additive, letting you manage complex access and management permissions with ease. Want to get more specific? You can build granular permissions down to the field level. Whatever you need, you’re in control.
Advanced Security Features
Password policy and reset rules, IP whitelisting for access, audit log settings, and more security features allow you to meet any guidelines you need. This adaptable system is built with your security needs in mind, whatever they may be.
Secure by Design
Core-level abstractions and security checks ensure that the most common attack vectors are blocked by default. Custom code that follows best practices and relies on these core systems can maintain the same degree of protection.
Expert Security Team
The Drupal project has a 20+ person security team who handles confidential reports of security problems and reviews covered modules. Acquia layers additional security oversight and governance at the platform and support levels.
Module Security Coverage
Maintainers of community modules can opt into security coverage by the security team, who will respond to security problem reports. These community modules are clearly marked, making enhanced coverage unmistakable.
Many Eyes Means Bugs Can’t Hide
Open source software is as secure (often more secure) than proprietary software. Millions of developers view, evaluate, and contribute to Drupal, making it better and safer every day. It's why Drupal is trusted by the U.S. Department of Justice, the FBI, and governments across the globe.
Steward Program and Risk Mitigation
In the event of a highly critical security update, the Drupal security team publishes a notification in advance to warn Acquia and other Drupal Steward participants. Acquia then implements a firewall rule to block the risk vector before the security vulnerability is publicly announced.
For Developers
Find out more reasons why developers love to work with Drupal.
Structured Content
Quickly assemble and manage content models, define relationships between content types, and organize content with powerful taxonomies.
API-First, Not API-Only
Hybrid headless content to power the entire organization. Developers get the full power and flexibility of a headless CMS and authors get low-code publishing. The best of both worlds!
Fully Composable Architecture
With Drupal, one of the largest open source communities on the planet, you can choose from 10,000+ extensions and integrations! Assemble and evolve your CMS to meet the needs of today and tomorrow. There is no such thing as future-proof, but composability means you can be future-ready.
World class performance and scalability
Building amazing web applications is no longer enough. You also need to ensure they are fast, delivered from the edge, and capable of handling extreme traffic bursts, like the Super Bowl and NBC Olympics.
Developer Workflow Tools
With the right tools, a developer can write more code, make fewer mistakes, and innovate faster than anyone else. With 100% cloud-based development tools, you have everything you need from the get go.
Rock-Solid Application Security
Security threats are constantly on the rise and every application is a target. With threat prevention, security processes, and world-class application design patterns, your Drupal applications are fortified from day one.
Open Source Community
The Drupal community is one of the largest open source communities in the world and provides an open source back-end framework for at least 14% of the top 10,000 websites worldwide. Come for the code; stay for the community.