> Your golden ticket to managing all of your business's online content—blogs, photos, infographics, artwork, multimedia, and more—is now available. We are excited and proud to announce the availability of [CMS Airship on the Amazon Web Services (AWS) Marketplace](https://aws.amazon.com/marketplace/seller-profile?id=139a5240-4d65-457b-81cf-6f13833a6ecd). ### Introducing CMS Airship

CMS Airship is a core development platform that is simply secure, out-of-the-box.

CMS Airship offers best-in-class cryptography features and well-designed security protocols, including **two-factor authentication** and **IPv6-aware brute-force login resistance**. Airship's features were designed from the ground up to protect your assets against a wide range of threats, ranging from common website security concerns such as the OWASP Top 10 to the sort of techniques only leveraged by very sophisticated hackers. If a security vulnerability is ever discovered in Airship, the fix will automatically and [securely](https://paragonie.com/blog/2016/05/keyggdrasil-continuum-cryptography-powering-cms-airship) be installed within one hour of its release, guaranteed, in the default configuration.

PHP CMS Out-of-the-Box Security Comparison Chart
Security Feature	CMS Airship	WordPress	Drupal	Joomla!	Notes
Note: A detailed technical breakdown of the security of the other CMS platforms is available.
Automatic Updates					The automatic updates you receive are secure against forgery even if our update server is compromised.
Prepared Statements					For preventing SQL Injection vulnerabilities.
CSRF Protection Everywhere					Plugins notwithstanding.
Context-Aware Output Escaping		Escapes on input			For preventing cross-site scripting vulnerabilities.
Content Security Policy					CMS Airship lets you manage CSP and HPKP headers through a web interface.
HTTP Public-Key-Pinning
Password Hashing	Argon2i	Salted MD5	SHA512Crypt	bcrypt	Read more about how to safely store users' passwords and why Argon2 is the best choice.
Two-Factor Authentication
Secure "Remember Me" Checkboxes					We outlined how to implement secure "remember me" checkboxes in PHP last year.
Login Brute-Force Resistance
Account Recovery: Opt Out
Account Recovery: GnuPG Encryption					CMS Airship allows users to provide a public key, which will be used to encrypt the outgoing account recovery emails.
Encryption	Halite	N/A	N/A	Defuse v1*	* As of v3.5.0; before, JCrypt was insecure.
Minimum PHP Version	7.0	5.2.4	5.5.9	5.3.10	Read more about why low minimum PHP version requirements are bad for security.
Code Footprint	56,078	490,115	978,569	851,019	Less code usually implies less room for bugs to slip in. This metric is useful for estimating the cost of a full audit.
Free / Open Source	Github	Trac	Git	Github	All four are released under GPL
Security Feature	CMS Airship	WordPress	Drupal	Joomla!	Notes

Read more about [the security benefits of CMS Airship here](https://paragonie.com/blog/2016/06/php-security-platinum-standard-raising-bar-cms-airship).

Never again worry about zero-days.*

Even with all the security CMS Airship offers, everything is extensible and can be fully customized to suit your needs. To learn more, see [the official CMS Airship online documentation](https://github.com/paragonie/airship-docs/tree/master/en-us). Both AMIs on the AWS marketplace contain all of the tools needed to develop—and optionally publish—your own CMS Airship extensions. The same security protocol that protects Airship's self-updater will armor your custom extensions.

Be the solution.

CMS Airship (Standalone)
Includes an onboard SQL database
CMS Airship (Lite)
Lightweight; intended for use with Amazon RDS

CMS Airship has established the platinum standard of web application security. At Paragon Initiative Enterprises, our mission is to move the needle towards more security without getting in the way of productivity. We improved the security of the software that powers [over 30% of the Internet in 2015 alone](https://paragonie.com/blog/2015/12/year-2015-in-review). By choosing the official CMS Airship images available in the AWS Marketplace, in addition to choosing a more secure platform for your business, you'll be supporting to our efforts to make the Internet a safer place for everyone. ***The sky is only the beginning.***

Get involved.

* [CMS Airship on Github](https://github.com/paragonie/airship) * [CMS Airship on Reddit](https://www.reddit.com/r/cmsairship) * [Paragon Initiative Enterprises on Facebook](https://facebook.com/ParagonIE) * [Paragon Initiative Enterprises on Twitter](https://twitter.com/ParagonIE) If you have any questions or would like to inquire about our application security services, feel free to [contact us](https://paragonie.com/contact). -----

* Because updates are securely installed within one hour of their availability, the time-scale of a fix being applied is no longer meaningfully measured in days. Zero hours are the new zero days.

The other half of the equation is code quality and preventing vulnerabilities from occurring in the first place. For that, we offer our history of open source security research as an assurance.