ColdFusion Security Training Class December 2022
Early bird registration is open for my ColdFusion Security Training deep dive class in December. If you've ever attended one of my conference sessions on ColdFusion Security at Adobe ColdFusion Summit or Into The Box (or even cf.Objective() or CFUnited :-) you know that it is hard cover a wide variety of issues in a one hour session.
It is an online class that takes place over Zoom on Tuesday December 13, 2022 and Wednesday December 14 from 11am-2pm each day. I find that two three hour chunks each day is a good amount of time to get hands on and in depth, but not so long that your brain is completely toasted. It also leaves some time for you to get some of your typical work done on those days if you are so inclined.
Here's an outline of the topics that will be covered in the course:
- Remote Code Execution
- Path Traversals & File Path Vulnerabilities
- File Upload Vulnerabilities
- Cross Site Scripting
- Cross Site Request Forgery
- Session Hijacking
- Cookie Security
- Password Storage
- Content Security Policy
- SQL Injection
- Timing Attacks
- Scope Injection
- LDAP Injection
- XML Security Issues
- Core Security Principals
- Proactive Coding Guidelines
- OWASP Top 10
- Security Tools: OWASP Zap, Fixinator
- And more!
The course covers a wide range of vulnerabilities that CFML web developers should be aware of. For each vulnerability the students will learn about it, attempt to exploit it, and last but certainly not least learn how to fix or mitigate the vulnerability.
I would love to have you attend, so please sign up while seats are still available and before the price increases on December 1st.
Like this? Follow me ↯Tweet Follow @pfreitag
ColdFusion Security Training Class December 2022 was first published on November 01, 2022.
If you like reading about coldfusion, security, or training then you might also like:
- Last Day to win Free ColdFusion Security Training
- Hands on ColdFusion Security Training
- Speaking at ColdFusion Summit Online Next Week
- OpenSSL and ColdFusion / Lucee / Tomcat
- ColdFusion Summit 2022 Slides
- Ways to suppress a finding in Fixinator
- Spring4Shell and ColdFusion
- Log4j CVE-2021-44228 Log4Shell Vulnerability on ColdFusion / Lucee
The Fixinator Code Security Scanner for ColdFusion & CFML is an easy to use security tool that every CF developer can use. It can also easily integrate into CI for automatic scanning on every commit.