Hardening ColdFusion - cfObjective 2009 Presentation Slides
I've been meaning to post the slides the presentation I gave at cf.Objective() 2009 on Hardening ColdFusion for a while, but I don't think there could be a more important time than now!
This presentation doesn't focus on the CFML coding side of security, but is rather on the administration, and server side of things.
I hope you find it useful.
- Maximum Security CFML - cfObjective Slides - May 17, 2011
- CFSummit 2016 Slides - October 17, 2016
- Writing Secure CFML cfObjective 2013 Slides - May 16, 2013
- Learn about ColdFusion Security at cfObjective 2013 - March 6, 2013
- ColdFusion 10 Security Enhancements Presentation - June 7, 2012
- Updating Java on ColdFusion or Lucee
- ColdFusion returning empty response with server-error: true
- Careful applying CF11u16, CF2016u8, CF2018u2
- Sessions don't work in Chrome but do in IE
- csrfVerifyToken does not invalidate the token
- The cf_sql_ is optional in cfqueryparam
- Cookie Expires / Max-Age 1969-12-31T23:59:59.000Z
- Burst Throttling on AWS API Gateway Explained