For the past two-three months ColdFusion has been increasingly targeted by attackers, as many have found out the hard way. Because my company Foundeo Inc. does a lot of work related to security on ColdFusion we have seen first hand a lot of interest in improving security practices among CF developers and administrators.
One great way to learn about improving the security of your ColdFusion server and applications is to attend the cf.Objective() conference, May 15-18th 2013. Here are some sessions that focus on security:
- Beyond Encrypt(): Asymmetric Encryption, Digital Signature, and more - Phil Duba
- Web Hacking Tools - David Epler
- Locking Down CF Servers - Pete Freitag (me)
- Writing Secure CFML - Pete Freitag (me)
- Mobile but Secure - Bilal Soylu
I also want to point out that Foundeo Inc. is a sponsor of cf.Objective() and will have a booth, so please stop by and ask your security questions or learn about FuseGuard and HackMyCF.