Returned from another Adobe ColdFusion Summit East conference in Washington DC. This year, I gave a talk titled Securing Adobe ColdFusion Applications: A Walk through the CWE Top 25. You can download the slides here. Thanks to all who attended! It was great to catch up with so many people, and meet some new people as well. Since it was a short conference, there were still some people I didn't have a chance to chat with, that I would have liked to, so until next time!
This presentation went through Mitre's CWE Top 25 list. The list is constructed by analyzing the weaknesses linked to CVE's by frequency, severity and danger. The top 25 weaknesses on this list are thus labeled the most dangerous software weaknesses. We then looked at how the weakness might pertain to a ColdFusion application. Five of the top twenty five weaknesses are taken care of for us due to Java being a memory safe language, for those we simply say Thanks Java!.