Announcing HackMyCF Paid Subscriptions
Hopefully you are now aware of the service I created in October 2009 called HackMyCF, it's been used to help secure over 3000 ColdFusion servers! If you're not familiar, it is a scanner that looks for security vulnerabilities on your server. It distinguishes itself by being able to find ColdFusion specific vulnerabilities that your average run of the mill PCI scanner does not (note that HackMyCF is not a PCI scanner, and is not intended to be one).
Why did we build it?
When I first built HackMyCF, I had no idea it would become software as a service. This is thanks largely to requests from our customers. They wanted the ability to automate scanning of several servers, and were willing to pay for it.
Why would you subscribe?
Here's a list of features and benefits of the paid plans:
- Receive Automated Daily, Weekly, Monthly, or Quarterly server vulnerability reports
- Do you know when a security hotfix is released? We will notify you and your team, and also provide additional details about it.
- Scan multiple servers
- Server notes allow you to keep track of software updates, installations and other details.
- Scan as much as you want, and view results instantly.
- Some plans include security consulting time.
- Scan results are archived for your reference.
Plans start at $10/month, credit card payments are handled by PayPal subscriptions, but we also accept PO's for annual subscriptions.
You can still scan your server for free, Ad Hoc. There are no plans to remove this, however there are some limitations to the free scan, and these limitations have always existed:
- Limited number of scans per domain / ip in a given period of time
- Email must match domain
- No ability to schedule scans on a periodic basis
- No retention of scan results
- HackMyCF Scanner Updated - February 1, 2011
- HackMyCF Adds SSL/TLS Scanner - May 27, 2015
- Apache Security Patches on CentOS / RHEL - November 22, 2013
- FuseGuard 2.4 Released - October 31, 2013
- New HackMyCF Features - October 24, 2013
- Java Unlimited Strength Crypto Policy for Java 9 or 1.8.0_151
- Java 9 Security Enhancements
- Upcoming CFML Conferences in April 2017
- CFSummit 2016 Slides
- Securing Legacy CFML - dev.Objective() 2016 Slides
- My CFSummit 2015 Slide Decks
- Adding Chrome Custom Search for CFDocs
- Disable Flash Remoting on ColdFusion Servers