ColdFusion Security Training
Writing Secure CFML
A hands-on CFML / ColdFusion Security Training class for developers. Learn how to identify and fix security vulnerabilities in your ColdFusion / CFML applications.
When: Tuesday December 13, 2022 @ 11am-2pm & Wednesday December 14 @ 11am-2pm
(Eastern Standard Time, UTC -5) - 6 hours in total.
Where: Online / Web Conference
Who: Taught by Pete Freitag
Cost: $999/student $899/student (Early Bird Discount)
The class will be recorded, so if you cannot attend it fully online you will have access to a recording.
group22

Video recordings from our previous ColdFusion Security Training class (held in December 2020) can be purchased.
What Students Are Saying...

-- Gavin Pickin
-- George Murphy


-- Nolan Erck
ColdFusion Security Training Course Outline
The course covers a wide range of vulnerabilities that CFML web developers should be aware of. For each vulnerability the students will learn about it, attempt to exploit it, and last but certainly not least fix or mitigate the vulnerability.
- Core Security Principals
- Proactive Coding Guidelines
- OWASP Top 10
- SQL Injection
- Remote Code Execution
- Path Traversals & File Path Vulnerabilities
- File Upload Vulnerabilities
- Cross Site Scripting
- Cross Site Request Forgery
- Session Hijacking
- Cookie Security
- Password Storage
- Authentication
- Authorization
- Content Security Policy
- Timing Attacks
- Scope Injection
- LDAP Injection
- XML Security Issues
- Security Tools: OWASP Zap, Fixinator
- And more!