Hands on ColdFusion Security Training
One of the best ways to really learn about something, is to roll up your sleeves, get your hands dirty. This is especially true for learning about security, it can be difficult to fully understand how attacks work by just reading about it.
Jason Dean and I are teaching an all day, hands on, ColdFusion Security Training session titled Building Secure CFML Applications as a Pre-Conference session at the 2010 cf.Objective() conference in Minneapolis, MN.
The pre-conference session is on April 21st, 2010 (one day before the conference begins), and there are only a few days left before the early bird pricing ends (the prices for our class goes up $150 after next week). So be sure to Register now!
In our security training course you will learn about several vulnerabilities that might exist in your applications. But we're not just going to tell you about these vulnerabilities. You can fire up your laptop to exploit and resolve these vulnerabilities as we hack our way through an example ColdFusion web application.
In addition to our pre conference training course there are several other world class training sessions at this years conference:
- Building Secure CFML Applications (April 21) That's Us!
- Coldbox:100 Training (April 21)
- Developing Applications with ColdFusion 9 Object Relational Mapping (ORM) (April 20-21)
- Getting Started with Flex and AIR Development with the Flex SDK (April 21)
- Mach-II and OOP from the Ground Up (April 20-21)
- Rapid Development with Model-Glue 3 (April 20-21)
- Maximum Security CFML - cfObjective Slides - May 17, 2011
- Last Day to win Free ColdFusion Security Training - March 23, 2010
- CFSummit 2016 Slides - October 17, 2016
- Scope Injection in CFML - March 3, 2015
- Learn about ColdFusion Security at cfObjective 2013 - March 6, 2013
- Updating Java on ColdFusion or Lucee
- ColdFusion returning empty response with server-error: true
- Careful applying CF11u16, CF2016u8, CF2018u2
- Sessions don't work in Chrome but do in IE
- csrfVerifyToken does not invalidate the token
- The cf_sql_ is optional in cfqueryparam
- Cookie Expires / Max-Age 1969-12-31T23:59:59.000Z
- Burst Throttling on AWS API Gateway Explained