We work with organizations for whom it is paramount to protect sensitive corporate information, personally identifiable data, client data, HR plans, or other restricted details. Whether it is a project for the military, the health industry, the FinTech sector or for human right work, we understand how critical it is that the CMS (Content Management System) we recommend, implement and deploy be highly secure.

There were over 950 major cyber attacks in 2017 alone. That's why our CMS frameworks of choice are Plone, Django CMS and Wagtail. All three are open source software built in Python, and they all have outstanding security track records.


It is widely accepted that Plone has the strongest security functionality of any open source CMS available today. Plone is inherently more secure than any PHP-based CMS, which is well documented on numerous security-oriented web sites. Plone was launched in 2003 and in just over a decade-long operating period has logged fewer than 50 security vulnerabilities. Competing platforms like WordPress, Joomla and Drupal have each logged in excess of ten times that amount. This high security standard has garnered the attention of many security conscious organizations and government agencies including NASA and the FBI, who picked Plone for their Enterprise Web CMS solution.

Plone is an advanced and flexible Enterprise CMS. It is a favored open source CMS for Higher Ed, enterprises, and the government for its flexibility, security, scalability, extendability and enterprise integration capabilities.
Organizations relying on Plone include: the FBI, CIA, NASA, Fermilab, Eli Lilly & Co., Amnesty International, and many more.
At Six Feet Up, we have been a leader in Plone custom development, Plone products and Plone deployment and hosting services since 2003.
We have had the opportunity to work on a wide variety of projects:
  • Plone theming
  • Custom content type creation
  • Custom publishing workflow
  • Sophisticated roles and permissions setup
  • Integration with Solr
  • LDAP and Active Directory integration
  • Legacy database integration
  • CRM integration (mostly Salesforce and SugarCRM)
  • Migration to Plone
  • Plone upgrade
  • Deployment with Load balancing and Caching
  • AWS Deployment
  • Plone Training and Mentoring
  • Plone Support
  • Etc.
During this time, we have customized configurations and sets of products for specific uses within the Plone infrastructure. This has greatly reduced the cost and time to implement common enterprise solutions for our clients.
Over the years, we have successfully delivered hundreds of Plone implementations in a number of industries, such as:
  • Health & Life Sciences
  • Education
  • Finance
  • Consulting
  • Publishing
  • Non-Profit
  • NGOs
  • High Tech
  • Transportation
  • Government
  • Military
  • Etc.
Have a Plone project?

Django CMS

Django CMS security track record

Django CMS is a flexible Content Management System that is built on top of the Django web framework. Django takes security extremely seriously (https://docs.djangoproject.com/en/1.11/topics/security/) and helps developers avoid many common security mistakes, such as SQL injection, cross-site scripting, cross-site request forgery and clickjacking. Its user authentication system provides a secure way to manage user accounts and passwords. Any Django application that follows good practices will inherit those security benefits. 
Many thousands of sites use Django CMS, including Ubuntu, NASA, PBS, National Geographic, just to name a few. A number of banks, organisations that require maximum web security, do rely on Django CMS.

Plone vs. Django CMS

Django CMS offers more flexibility out of the box than Plone. It is more lightweight and we especially appreciate its clean code for maintainibility and security purposes. However, Django CMS does not provide much support for complex permissions or workflows, which can be essential in a CMS project.
Over the years, we have implemented and rolled out several large Django CMS projects:
  • Faceted search with Solr
  • Haystack integration for member and content search
  • Django FSM implementation for custom workflows
  • Advanced menu system development
  • Custom plugin creation
Success stories:
  • DCGreenScene / Environment
  • Smartfile / Tech
  • trueU / Online Services
  • ReTrans / Transportation
  • Keystone Purchasing Network / Online Services
  • PEPPM / Online Services
  • RPDS / Life Sciences
  • Tarana Blueprint / Tech
  • Eularis Blueprint / Marketing
Have a Django CMS project?


Wagtail is a relatively new content management system that came out in 2014 but is rapidly growing in popularity. Just like Django CMS, Wagtail is built in Python and Django, so it is very secure and reliable.

Django CMS vs Wagtail

Unlike Django CMS, which brings many built-in features to get developers started fast but can feel a bit complex and heavy when it's time to extend the data model or add some new features, adding functionalities and redesigning sections of a site has been streamlined in Wagtail.
Wagtail is focused on flexibility and user experience. Extending the model to add more custom functions was made espcially easy, as well as integrating other Django applications with Wagtail CMS. However the initial learning curve can be in the way of developers new to Wagtail.
Case study:
  • Aptean feasibility study
We pride ourselves in the quality of our work. Our goals are:
  • 100% match between the specs and the deliverables
  • No surprise issue once launched
  • Maintainable code
  • Smooth upgrades moving forward
  • Thorough documentation of the system
  • Ongoing support
Have a Wagtail project?

Thanks for filling out the form! A Six Feet Up representative will be in contact with you soon.

Have a question? Want to connect with us?