Limit Display to Recordings of
<= 1
<= 5
<= 10
<= 30
<= 60
any
minutes duration
« Previous ( 1 2 3 4 5 ) Next »
Search (within title, desc, presenter, URL):
Clear Search
44 recordings found
with reference to security
Title
Presenter Duration (h:mm) Date Recorded Date Posted Submitter
CFMeetup: Practical Ajax Security (View video , Show Description )With the introduction of Rich Internet Applications (RIAs) over the last several years, it seems that everyone is jumping on the RIA bandwagon. But is any thought being given to what might need to be done to ensure that our Web 2.0 applications are secure? Or are they are not introducing new vulnerabilities into existing applications? In this presentation, we will look at some of the security issues that can arise from introducing Ajax into your applications and about how to mitigate the risks of opening up remote services for Ajax.
Jason Dean
0:35 2010-09-23 2010-09-23 charlie arehart
CFMeetup: PDF Creation and Manipulation with ColdFusion 8 (View video , Show Description )Generating PDF documents is a simple task in ColdFusion 8. That is if you know what you are doing. This meetup will discuss the basic knowledge needed to create a PDF document. From something as simple as taking an image and converting it, to converting an entire web page or other document. Advanced features such as page extraction, PDF merging and document security will also be discussed.
Real world examples, as well as basic demos, will be used to explain the features discussed. The goal is for everyone to leave the meeting with the feeling that they can do it themselves.
Dave Ferguson
1:05 2009-06-04 2009-06-04 charlie arehart
CFMeetup: Multi-Factor Authentication in ColdFusion (View video , Show Description )Over the years authentication schemes have changed drastically from the old days of username and password logins. Today, there are multiple kinds of multi-factor authentication mechanisms in use that add complexity and security to your login processes. We'll explore some of these newer authentication techniques and show you how to easily implement a secure authentication process in every application you write. We'll also cover basic PCI compliance, encryption, obfuscation, and access control lists along with password security, password recovery, session management and other topics that relate to building a robust authentication system.
Denard Springle
0:52 2012-07-05 2012-07-05 Charlie Arehart
CFMeetup: Leveraging RDS in Eclipse, Dreamweaver, and Homesite+/CF Studio: Secure, useful (View video , Show Description )Are you using the RDS-enabled features in Eclipse, Dreamweaver, or HomeSite+? If not, you could be missing out on a lot of increased productivity, from the query building tools it enables, to the component browsing tools, to enabling file access across the web, and more.
Perhaps it's been disabled on your server, or people may argue that it's insecure. If you could be shown how it could be secured, might you (or your admin) reconsider it? I think it's a tragedy how many developers suffer without leveraging RDS, certainly on their own machines, and even on shared servers.
Whether you think RDS evil or a blessing, or are unaware of what it enables in your favorite CFML editor, and whether you use CF 8 or earlier, there may be more to RDS than you realize. And there are solutions to security concerns, especially in CF8 but even beforehand.
In this talk, frequent CFUG speaker Charlie Arehart will show you all the ways that RDS can be used to make you more productive in Eclipse, Dreamweaver, or HomeSite+. He'll also address (and in some cases resolve) common security concerns, especially the multi-user RDS security available in CF 8 (and CF 4 and 5), as well as how to enable it if it's been disabled (assuming you have the right to make configuration changes, of course).
Charlie Arehart
1:08 2008-05-01 2008-05-01 charlie arehart
CFMeetup: Keeping CF (and Java) updated: challenges and solutions (View video , Show Description )Are you keeping up on whatever updates are available for the CF version you're running (2018, 2016, or so on)? And how about updating the Java/JVM that CF uses? You should be, for security as well as bug fix reasons. And what about the web server connector (wsconfig)?
Ever since CF10, the mechanism to update CF has been a single-click operation in the CF Admin--or at least, that's how it's supposed to be. But sometimes things go amiss, and you can be left with CF not coming up, or the admin not opening, or something in your app failing to work right which you may not notice for even days or weeks.
And the same is true when it comes to updating the Java/JVM that CF uses: there are several things you can easily do "wrong" that will have CF not starting. And even if you do it "right", there may be something amiss (because you missed an important step) that might not bite you for some days--when someone tries to make an https call out of CF. And you may wonder, "what version of Java can I use with my version of CF?"
The good news is that there are answers and a few key best practices to follow in updating CF, the JVM, and wsconfig, which if followed can ensure that each is a quick and painless task. In this session, veteran CF troubleshooter Charlie Arehart will walk through all this, based on his decade-plus experience in helping people troubleshoot such problems daily. The session will apply both to those using the Admin or command line for such update mechanisms.
Charlie Arehart
1:14 2020-06-25 2020-06-25 Charlie Arehart
CFMeetup: I Didn’t Know S3 Could Do That!, with Brian Klaas (View video , Show Description )Millions of developers know Amazon's Simple Storage Service (S3) as the file system for the Internet: it's fast, cheap, and super durable. CFML developers have dead-simple access to S3 via built-in functionality. S3 goes way beyond just uploading and downloading files, though. By dropping down into the AWS Java SDK, we can unlock the full potential of S3, and that's exactly what we'll do in this session.
In this session we'll look at how to: - Secure your files in S3 with time-expiring URLs - Increase security over what's built into the CFML engines by accessing S3 via the Java SDK - Encrypt objects at rest in S3 - Cut your storage costs by using different S3 storage classes - Automatically archive unused files after a set period of time - Use the rock-solid object versioning available in S3 - Use tags to be able to filter and report on millions of objects in S3
Brian Klaas
1:11 2020-08-06 2020-08-06 Charlie Arehart
CFMeetup: Getting Started with Multiple Instances in CF (View video , Show Description )Have you wondered about using or trying out the "multiple instance" feature of CF (technically the "multiserver" installation option). Available in its current form since CF 7, many developers and shops still have not adopted it, perhaps because they don't understand its benefits, or maybe they tried it and got confused about the options during installation/configuration. Or maybe they assume it's only about creating clusters/load balancing and/or replication: it's not and can be valuable for many other reasons.
In this talk, veteran CF troubleshooter Charlie Arehart will introduce the topic, presuming you have no prior experience with it. (Note that while it's a feature of CF Enterprise, you can also use it with the free Developer edition, and he'll explain why you may want to.)
What we will (and will not) cover:
We'll address things from the ground up, starting with what the feature is, how it's evolved, and why you should use it in development and/or production. Charlie will demonstrate an installation from scratch, talking about the various choices presented, and proceeding to add another instance and how to demonstrate successful setup. He'll also show connecting the new instance(s) to an external web server and share tips about that.
Along the way Charlie will address such other practical concerns as how to share admin settings among the instances, whether and how to share jvm.config settings, how to find the various logs for each instance, why to be careful about scheduled tasks, how you can monitor the instances, and more. He'll also offer some recommendations that could vary depending on your setup, such why you might want to use the cfusion instance only for creating instances, when/why you may be able to stop and disable the cfusion and admin instances, why you may/may not want to consider sandbox security, and more.
We will not have time to discuss or demonstrate clustering, load balancing, and replication, but can mention it only briefly. If that may be what you'd want to hear more about, please know this is not the talk for that. Perhaps a later talk.
But you will be pointed to many resources available for you to further investigate more on all the things we discuss (with a warning to be careful about older resources which describe an older but still-supported approach to multiple instances, from the CF 6.1 timeframe.)
Charlie Arehart
1:33 2009-07-23 2009-07-23 charlie arehart
CFMeetup: Creating Secure Applications with the New TrafficMunkey Framework (View video , Show Description )TrafficMunkey is a new ColdFusion framework born from the Lean Development process, i.e. lots of prototyping and agile development. It's quick and easy-to-use, both when starting new projects and maintaining existing ones. This presentation will start with a demonstration of its speed by creating on-the-fly wireframes, as you might with clients. Then I'll show you how to leverage the built-in objects for prototyping and the graphic design. I'll wrap up by showing how it can integrate everything with your own ColdFusion objects. More on TrafficMunkey at
http://millionmunkeys.net/TrafficMunkey/ .
I do a lot of work with prototypes, for Usability testing, and as a requirements-gathering technique to get clients to tell me what they don't know they need to tell me. I've used and trained people on most of the major ColdFusion frameworks through the years, but none of them were flexible enough for the early stages of a project, when names and concepts keep changing and whole sections of the application move around. To be honest, usually I would do this outside of a framework, and then move it into a framework when things settled down. Perhaps you've done that as well. With TrafficMunkey you don't have to do that. It becomes a tool to help with prototyping, and keeps working for you through production, making maintenance and upgrades easier as well.
Even if you're not familiar with frameworks, TrafficMunkey is pretty straightforward, so it should be pretty easy to follow along and get started.
This presentation will cover the basics of using the new framework, including:
Building wireframes on-the-fly with a client Mapping exit points (a.k.a. XFAs) Integrating Graphic Design templates Managing site security Integrating ColdFusion objects Learning Objectives:
Creating a TrafficMunkey sitemap Using site templates and dynamic navigation Adding roles for authentication and security "
Peter Oliver-Krueger
1:07 2011-09-08 2011-09-08 charlie arehart
CFMeetup: ColdFusion on the Cloud Using Amazon EC2 and S3 (View video , Show Description )Cloud computing and distributed storage are gaining more traction in the ColdFusion community, and Amazon's EC2 and S3 are highly secure, cost effective and easy to use solutions that give the power of the cloud to ColdFusion developers. Learn how to create and manage EC2 instances, install Adobe ColdFusion and MySQL server on Amazon's EC2 linux based servers, how to use S3 storage directly within ColdFusion and how to take advantage of some of the other features offered by Amazon Web Services including network security, messaging, and load balancing. Above all, you'll learn how to get a free micro EC2 instance and other free services from Amazon for a full year!
Denard Springle
1:09 2011-12-22 2011-12-22 charlie arehart
CFMeetup: ColdBox 4: The Future of CFML MVC (View video , Show Description )ColdFusion (CFML) is one of the most mature web languages. It offers similar scripting and language constructs as other languages, but proponents of CFML know its true power comes with all the inbuilt functionality and integrations you get out of the box. ColdBox was the first CFML framework to provide convention-over-configuration MVC for the masses. Like other frameworks, it allows very simple conventions and lets you to easily scaffold out apps with little effort. ColdBox is unique though because it doesn't stop there; it's a productivity platform for people who are tired of reinventing the wheel. ColdBox is built on a light modular core with built-in lifecycle extension points, and pluggable libraries for things like SES, JSMin, pagination, security, and REST. And don't forget the other Box productivity libraries for logging, object creation, caching, and testing. Come see what makes ColdBox the most comprehensive and compelling development platform. We'll even talk about some of cool new features in ColdBox 4 as well as CommandBox, the new CFML CLI, Package Manager, and REPL.
Brad Wood
1:44 2014-10-30 2014-10-30 Charlie Arehart
« Previous ( 1 2 3 4 5 ) Next »
Show how many results?:
You can bookmark this search as http://www.carehart.org/ugtv/list.cfm?search=security
or track the search results using RSS:
RSS Feed of 10 latest presentations referring to: security -- (Validate RSS feed )
RSS Feed:
RSS Feed of 10 latest added presentations
Receive an email newsletter of newest entries: via Feedblitz