
Securing ColdFusion Applications - DevWeek 2021

Published on June 29, 2021
By Pete Freitag

It was great to be a speaker at the ColdFusion DevWeek event last week. I spoke on the topic Securing ColdFusion Applications.

As promised, here are the slides, and the example code I used can be found here.

In this talk I thought it would be fun to come up with a list of the Top 10 Risks or Issues ColdFusion developers should be aware of. As with any security top ten list, there are more than 10 security issues to be aware of, so this is just a starting point.

  1. Old Code
  2. Failure to Delegate
  3. Security Configuration
  4. Various Injection Attacks
  5. XSS
  6. Authentication / Authorization
  7. Remote Code Execution
  8. SQL Injection
  9. File System Issues
  10. Unpatched Known Vulnerabilities

