Limit Display to Recordings of
<= 1
<= 5
<= 10
<= 30
<= 60
any
minutes duration
( 1 2 3 4 5 ) Next »
Search (within title, desc, presenter, URL):
Clear Search
44 recordings found
with reference to security
Title Presenter Duration (h:mm)
Date Recorded Date Posted Submitter
Adobe ColdFusion 10 Event (View video , Show Description )This half-day event with Adobe, Foundeo Inc., and Fig Leaf Software highlights the new features in ColdFusion 10 - including security enhancements, Scheduler improvements, Tomcat integration, unique HTML5 built-in support and improved web services support.
Rakshith Naresh, Pete Freitag, Mike Tangorre
3:00 2012-03-28 2012-04-10 Andrew Scott
CFMeetup: ColdBox 4: The Future of CFML MVC (View video , Show Description )ColdFusion (CFML) is one of the most mature web languages. It offers similar scripting and language constructs as other languages, but proponents of CFML know its true power comes with all the inbuilt functionality and integrations you get out of the box. ColdBox was the first CFML framework to provide convention-over-configuration MVC for the masses. Like other frameworks, it allows very simple conventions and lets you to easily scaffold out apps with little effort. ColdBox is unique though because it doesn't stop there; it's a productivity platform for people who are tired of reinventing the wheel. ColdBox is built on a light modular core with built-in lifecycle extension points, and pluggable libraries for things like SES, JSMin, pagination, security, and REST. And don't forget the other Box productivity libraries for logging, object creation, caching, and testing. Come see what makes ColdBox the most comprehensive and compelling development platform. We'll even talk about some of cool new features in ColdBox 4 as well as CommandBox, the new CFML CLI, Package Manager, and REPL.
Brad Wood
1:44 2014-10-30 2014-10-30 Charlie Arehart
CFMeetup: Getting Started with Multiple Instances in CF (View video , Show Description )Have you wondered about using or trying out the "multiple instance" feature of CF (technically the "multiserver" installation option). Available in its current form since CF 7, many developers and shops still have not adopted it, perhaps because they don't understand its benefits, or maybe they tried it and got confused about the options during installation/configuration. Or maybe they assume it's only about creating clusters/load balancing and/or replication: it's not and can be valuable for many other reasons.
In this talk, veteran CF troubleshooter Charlie Arehart will introduce the topic, presuming you have no prior experience with it. (Note that while it's a feature of CF Enterprise, you can also use it with the free Developer edition, and he'll explain why you may want to.)
What we will (and will not) cover:
We'll address things from the ground up, starting with what the feature is, how it's evolved, and why you should use it in development and/or production. Charlie will demonstrate an installation from scratch, talking about the various choices presented, and proceeding to add another instance and how to demonstrate successful setup. He'll also show connecting the new instance(s) to an external web server and share tips about that.
Along the way Charlie will address such other practical concerns as how to share admin settings among the instances, whether and how to share jvm.config settings, how to find the various logs for each instance, why to be careful about scheduled tasks, how you can monitor the instances, and more. He'll also offer some recommendations that could vary depending on your setup, such why you might want to use the cfusion instance only for creating instances, when/why you may be able to stop and disable the cfusion and admin instances, why you may/may not want to consider sandbox security, and more.
We will not have time to discuss or demonstrate clustering, load balancing, and replication, but can mention it only briefly. If that may be what you'd want to hear more about, please know this is not the talk for that. Perhaps a later talk.
But you will be pointed to many resources available for you to further investigate more on all the things we discuss (with a warning to be careful about older resources which describe an older but still-supported approach to multiple instances, from the CF 6.1 timeframe.)
Charlie Arehart
1:33 2009-07-23 2009-07-23 charlie arehart
ColdFusion Application Security at the Boston CFUG (View video , Show Description )http://www.12robots.com/index.cfm/2009/9/17/ColdFusion-Application-Security-at-the-Boston-CFUG--Last-Night
Jason Dean
1:25 2009-09-16 2009-09-17 Henry Ho
ColdFusion Application Security (View video , Show Description )Adobe's ColdFusion Specialist for the government sector, Adam Wayne Lehman will present "ColdFusion Application Security". This presentation details the OWASP Top Ten Most Critical Web Application Security Vulnerabilities and how they are pertain to developing ColdFusion applications. Demonstration of effective methods to avoid and prevent invalidated input, broken access controls, broken authentication and session management, cross-site scripting flaws, injection flaws, and improper error handling.
Adam has been developing web applications specializing in ColdFusion for nearly a decade. His background includes designing and programming e-learning applications for Johns Hopkins Bloomberg School of Public Health, and before Adobe, Adam was a Senior Web Systems Engineer for the U.S. Department of State where he managed a team of developers and architects enterprise ColdFusion applications. Adam has also managed the Department of State Adobe Developer User Group for over two years. His work has been featured in Macromedia?s DRK(Developer Resource Kit) and his other areas of expertise include application security, section 508-compliant design and Oracle database development.
Adam Wayne Lehman
1:20 2006-10-19 2006-10-19 Steven Erat
CFMeetup: Practical ColdFusion Security (View video , Show Description )Securing an application is far more than just password protection and stopping SQL injection attacks. Taking a real project this session will delve into the system's architecture, closely examine the security and privacy issues and show what features were implemented and how that was determined via risk analysis. Security features covered will include code placement and caching, securing SQL databases via permissions and use of multiple data sources, code timing attacks, dictionary attacks, salted password systems, page fingerprinting, and various logging and auditing features. Security is not so much about stopping access to a system but more knowing when and how a system was compromised and minimising the damage that can be done when that happens.
Justin McLean
1:19 2011-02-24 2011-02-24 charlie arehart
CFMeetup: Application Security: Beyond SQL Injection (View video , Show Description )Surely there is more to this application security stuff than SQL injection. We've put in our <cfqueryparams> so are we secure now? We are going to talk about some of the other threats against our applications. Things like:
- Request Forgeries
- Password Security
- Cookies
- Session Management
SQL Injection is only the tip of the security iceberg. We need to be prepared for much more. As hackers become more sophisticated, so must we.
Jason Dean
1:18 2009-01-22 2009-01-23 Charlie Arehart
CFMeetup: CF AMA: Ask Me Anything (View video , Show Description )Join us for our first "Ask Me Anything" session, with your host Charlie Arehart and recent co-organizer Dan Wilson. We'll open the floor to any sort of CF-related questions you may have, whether about coding challenges or using CF features, configuration or tuning, deployment, security, the upcoming new CF version, recent CF versions, the future and state of CF, whatever.
Of course, some topics tend to generate more heat than light, so we hope folks will ask questions that may not be merely points of debate (preferences, disappointments, laments). And since we're not Adobe and don't speak for them, there are some topics where we won't be able to offer information that isn't publicly known. Still, there are many questions asked in the community (in various places) every day, so there are plenty of good questions. Of course, we can even talk about, "where are good places to ask CF questions?"! :-)
You bring 'em, we'll wing 'em. We'll even let others hop on to speak/share video/screen, if they feel they have a question or answer that would be better spoken than written in the chat.
Charlie Arehart and Dan Wilson
1:15 2020-10-22 2020-11-04 Charlie Arehart
CFMeetup: Keeping CF (and Java) updated: challenges and solutions (View video , Show Description )Are you keeping up on whatever updates are available for the CF version you're running (2018, 2016, or so on)? And how about updating the Java/JVM that CF uses? You should be, for security as well as bug fix reasons. And what about the web server connector (wsconfig)?
Ever since CF10, the mechanism to update CF has been a single-click operation in the CF Admin--or at least, that's how it's supposed to be. But sometimes things go amiss, and you can be left with CF not coming up, or the admin not opening, or something in your app failing to work right which you may not notice for even days or weeks.
And the same is true when it comes to updating the Java/JVM that CF uses: there are several things you can easily do "wrong" that will have CF not starting. And even if you do it "right", there may be something amiss (because you missed an important step) that might not bite you for some days--when someone tries to make an https call out of CF. And you may wonder, "what version of Java can I use with my version of CF?"
The good news is that there are answers and a few key best practices to follow in updating CF, the JVM, and wsconfig, which if followed can ensure that each is a quick and painless task. In this session, veteran CF troubleshooter Charlie Arehart will walk through all this, based on his decade-plus experience in helping people troubleshoot such problems daily. The session will apply both to those using the Admin or command line for such update mechanisms.
Charlie Arehart
1:14 2020-06-25 2020-06-25 Charlie Arehart
CF Online Summit 2022: A Sneak Peek into ColdFusion Builder on VSCode (View video , Show Description )In the session, Nikhil Dubey will be talking about the newly released VSCode Extension for CFML and how it makes CFML developers' life easier. Starting briefly with some usage statistics and overview of plugin architecture, the talk will be throwing light on the value-adding features like code assist, code completion, formatting, navigation, etc. that the plugin offers. Unique features exclusive with Adobe plugin like RDS, Security Analyzer, Server Manager, Project Manager along with their utilities will be discussed in some details. A small demo will follow. Takeaways - Developers will be aware of various features available to make development effort smooth. They will also have an overall picture of how the extension is working internally.
Nikhil Dubey
1:11 2022-11-18 2022-11-29 Charlie Arehart
( 1 2 3 4 5 ) Next »
Show how many results?:
You can bookmark this search as http://www.carehart.org/ugtv/list.cfm?search=security
or track the search results using RSS:
RSS Feed of 10 latest presentations referring to: security -- (Validate RSS feed )
RSS Feed:
RSS Feed of 10 latest added presentations
Receive an email newsletter of newest entries: via Feedblitz