11. Comparison Points
• Code Repository
• API Security
• Security Management Model
• Security Controls and Tools: FISMA
12. Repository
• Drupal: Open Source, GIT, drupal.org
• Joomla: Open Source, GIT, GitHub
• Word Press: Open Source, git mirror of
SVN on wordpress.org
• SharePoint: Closed source, ?, TFS
• Liferay: Open source community edition,
GIT, GitHub
18. Security Mangement
• Drupal: Security Team: Resolve issues, assist
module maintainers, documentation,
responsible disclosure, secure coding guide,
full project review
• Joomla: Joomla Security Team: vulnerable
extension list, secure coding guide
• WordPress: laissez-faire, data validation guide
• SharePoint: Service packs, app review
• Liferay: Security team (focused on core), open
app marketplace
19. Open Source Community &
Competition
• Drupal and WordPress
• Ease of Use vs. Power
• Good Enough, Means to an End
• Object-Oriented = Harder to Use
• Risk Management Trade-Offs
21. Roles & Permissions
• Drupal: Granular, flexible security permissions
matrix; easy to create new roles and permissions;
complex( distributions & mods:OA, WB)
• Joomla: Frontend & backend groups,
administration area
• WordPress: Roles and capabilities, admin area
• SharePoint: SharePoint groups and roles, mapped
to AD groups, site collection admins, elevated
privileges
• Liferay: Granular system built on JSR-286