I've returned from the Adobe ColdFusion Summit in Las Vegas, where I presented on Boosting ColdFusion Security. In this presentation we covered several different types of security vulnerabilities that ColdFusion developers should be aware of. New to my repertoire was some discussion on AI related vulnerabilities, particularly prompt injection. When you are giving a live demo of an AI response you never quite know what it will respond with. While attempting to show a prompt injection example which ignored instructions and provided a recipe for chocolate chip cookies, the LLM said it couldn't provide a recipe for chocolate chip cookies because they were unhealthy!
You can grab a PDF of my slides here. If you missed it, or want to learn more about ColdFusion Security, I am giving an online ColdFusion developer security training class in December.
Proud Sponsor
My company Foundeo Inc. was a sponsor of the conference. I had a lot of great conversations with people at the Foundeo table. As a nod to ColdFusion's 30th birthday I was handing out 3.5" floppy disks. The disks drew many a lot of comments such from Where did you get these? to I haven't seen one of these in years, and even: I'm going to see if my younger co-workers know what this is.
ColdFusion Champion Awards
An unexpected twist to this years conference was the ColdFusion Champion Awards given out in the day two keynote. I was proud to be named as the ColdFusion Security Champion. The awards given were:
- Raymond Camden - ColdFusion Content Champion
- Pete Freitag - ColdFusion Security Champion
- Brian Sappey - ColdFusion Education Champion
- Charlie Arehart - ColdFusion Community Champion
Thank you Adobe, and congrats to Ray, Brian and Charlie!