A video based Web Application Security Training course for CFML / ColdFusion or Lucee Developers, taught by Pete Freitag.
In this course developers will learn about many different web application vulnerabilities including the OWASP top 10. Beyond just learning about the vulnerability the developer will see what it looks like in ColdFusion / CFML code, and most importantly how to fix it!
- Intro / Core Security Principals (33 minutes)
- SQL Injection (31 minutes)
- Remote Code Execution (18 minutes)
- Path Traversal & File Issues (21 minutes)
- File Upload Vulnerabilities (34 minutes)
- Cross Site Scripting / XSS (23 minutes)
- OWASP Zap Demo (8 minutes)
- Security Headers (50 minutes)
- Cross Site Request Forgery (27 minutes)
- Authentication, Authorization and Timing Attacks (28 minutes)
- Cookies and Sessions (15 minutes)
- Encryption and Secret Management (10 minutes)
- Injection Attacks (ColdFusion Scope Injection, PDF, XML, LDAP, etc) (10 minutes)
- Security Tools: Fixinator and FuseGuard (8 minutes)
Includes a 191 page PDF with loads of info on the above topics.
Pricing is per student. Recorded December 2020
Slide Deck + 5 hours of Streaming Video