Yesterday I spoke at the Adobe ColdFusion Developer Week online event. There was a great turnout (several hundred attendees), so my thanks to Adobe and Carahsoft for organizing a great event.
My topic was: Tactics for securing your ColdFusion Code, and here are my slides and links from the presentation:
- Slides - Tactics for securing your ColdFusion Code
- Source Code / Examples - this is the source code for my Bank of Insecurity app that I use in my full day ColdFusion security training class.
Here are some links to other resources mentioned:
- Continuous Integration for ColdFusion Zero to Infinity - Slides and code from my recent talk on Continuous Integration.
- Fixinator ColdFusion Code Security Scanner
- FuseGuard Web Application Firewall for ColdFusion
- HackMyCF CF Server Scanner
- Guides for setting up Continuous Integration with Fixinator - examples for multiple CI platforms: Jenkins, GitLab, Bitbucket, etc.
- OWASP - Tons of info on Web Application Security