This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
ColdFusion Security Resources
Table of Contents
Research | References | Tools | Libraries |
Videos | References | OWASP Tools | 3rd Party Libs |
White Papers/Presentations | Static Analysis | ||
Articles | |||
Example Vulnerabilities | |||
Videos
DeConstructing ColdFusion This BlackHat 2010 video is a presentation by Chris Eng and Brandon Creighton from VeraCode.
Securing ColdFusion Applications Jason Dean and Peleus Uhley present at Adobe Max 2010 on how to create secure ColdFusion applications.
Security: Hiding Information from Individuals Not Authorized to See It Jim Harris present at the ColdFusion Meetup on March 17, 2011.
Security: Washing Your Incoming Data using ColdFusion Jim Harris presents at the ColdFusion Meetup on March 10, 2011.
Security: Practical ColdFusion Security Justin McLean presents at the ColdFusion Meetup on February 24, 2011.
White Papers/Presentations
Deconstructing ColdFusion The slides from Chris Eng's and Brandon Creighton's presentation at BlackHat 2010
References
ColdFusion Security The Adobe Developer Center's section on ColdFusion Security.
ColdFusion 9 Lockdown Guide The Adobe server lockdown guide for ColdFusion 9.
ColdFusion Security Updates The section of the Adobe Security page that lists current ColdFusion security patches.