ColdFusion Developer Security Training
This course covers the essential topics for ColdFusion Developers to understand in order to write secure CFML code.
In this course developers will learn about many different web application vulnerabilities including the OWASP top 10. Beyond just learning about the vulnerability the developer will see what it looks like in ColdFusion / CFML code, and most importantly how to fix it!
This is the only course of its kind that is focused on ColdFusion, and taught by a ColdFusion developer (Pete Freitag).
Course Videos
- Intro / Core Security Principals
- SQL Injection
- Remote Code Execution
- Path Traversal & File Issues
- File Upload Vulnerabilities
- Cross Site Scripting / XSS
- OWASP Zap Demo
- Security Headers
- Cross Site Request Forgery
- Authentication, Authorization and Timing Attacks
- Cookies and Sessions
- Encryption and Secret Management
- Injection Attacks (ColdFusion Scope Injection, PDF, XML, LDAP, etc)
- Security Tools: Fixinator and FuseGuard
Includes a 208 page PDF with loads of info on the above topics.
Pricing is per student. If multiple students will be taking the course please increment the quantity.
Recorded December 2023
About the Instructor
Pete Freitag has been working with ColdFusion since the late 90's, and started with Allaire ColdFusion 3.0. Pete has been focused on ColdFusion / CFML / Lucee security for the past several years. His work includes several ColdFusion / CFML security tools and products. Pete has also been selected by Adobe to write the ColdFusion Server Lockdown Guides for the past several releases.