Limit Display to Recordings of
<= 1
<= 5
<= 10
<= 30
<= 60
any
minutes duration
« Previous ( 1 2 3 4 5 ) Next »
Search (within title, desc, presenter, URL):
Clear Search
44 recordings found
with reference to security
Title Presenter
Duration (h:mm) Date Recorded Date Posted Submitter
CFMeetup: Creating Secure Applications with the New TrafficMunkey Framework (View video , Show Description )TrafficMunkey is a new ColdFusion framework born from the Lean Development process, i.e. lots of prototyping and agile development. It's quick and easy-to-use, both when starting new projects and maintaining existing ones. This presentation will start with a demonstration of its speed by creating on-the-fly wireframes, as you might with clients. Then I'll show you how to leverage the built-in objects for prototyping and the graphic design. I'll wrap up by showing how it can integrate everything with your own ColdFusion objects. More on TrafficMunkey at
http://millionmunkeys.net/TrafficMunkey/ .
I do a lot of work with prototypes, for Usability testing, and as a requirements-gathering technique to get clients to tell me what they don't know they need to tell me. I've used and trained people on most of the major ColdFusion frameworks through the years, but none of them were flexible enough for the early stages of a project, when names and concepts keep changing and whole sections of the application move around. To be honest, usually I would do this outside of a framework, and then move it into a framework when things settled down. Perhaps you've done that as well. With TrafficMunkey you don't have to do that. It becomes a tool to help with prototyping, and keeps working for you through production, making maintenance and upgrades easier as well.
Even if you're not familiar with frameworks, TrafficMunkey is pretty straightforward, so it should be pretty easy to follow along and get started.
This presentation will cover the basics of using the new framework, including:
Building wireframes on-the-fly with a client Mapping exit points (a.k.a. XFAs) Integrating Graphic Design templates Managing site security Integrating ColdFusion objects Learning Objectives:
Creating a TrafficMunkey sitemap Using site templates and dynamic navigation Adding roles for authentication and security "
Peter Oliver-Krueger
1:07 2011-09-08 2011-09-08 charlie arehart
CFMeetup: Leveraging RDS in Eclipse, Dreamweaver, and Homesite+/CF Studio: Secure, useful (View video , Show Description )Are you using the RDS-enabled features in Eclipse, Dreamweaver, or HomeSite+? If not, you could be missing out on a lot of increased productivity, from the query building tools it enables, to the component browsing tools, to enabling file access across the web, and more.
Perhaps it's been disabled on your server, or people may argue that it's insecure. If you could be shown how it could be secured, might you (or your admin) reconsider it? I think it's a tragedy how many developers suffer without leveraging RDS, certainly on their own machines, and even on shared servers.
Whether you think RDS evil or a blessing, or are unaware of what it enables in your favorite CFML editor, and whether you use CF 8 or earlier, there may be more to RDS than you realize. And there are solutions to security concerns, especially in CF8 but even beforehand.
In this talk, frequent CFUG speaker Charlie Arehart will show you all the ways that RDS can be used to make you more productive in Eclipse, Dreamweaver, or HomeSite+. He'll also address (and in some cases resolve) common security concerns, especially the multi-user RDS security available in CF 8 (and CF 4 and 5), as well as how to enable it if it's been disabled (assuming you have the right to make configuration changes, of course).
Charlie Arehart
1:08 2008-05-01 2008-05-01 charlie arehart
CFMeetup: ColdFusion on the Cloud Using Amazon EC2 and S3 (View video , Show Description )Cloud computing and distributed storage are gaining more traction in the ColdFusion community, and Amazon's EC2 and S3 are highly secure, cost effective and easy to use solutions that give the power of the cloud to ColdFusion developers. Learn how to create and manage EC2 instances, install Adobe ColdFusion and MySQL server on Amazon's EC2 linux based servers, how to use S3 storage directly within ColdFusion and how to take advantage of some of the other features offered by Amazon Web Services including network security, messaging, and load balancing. Above all, you'll learn how to get a free micro EC2 instance and other free services from Amazon for a full year!
Denard Springle
1:09 2011-12-22 2011-12-22 charlie arehart
CF Online Summit 2022: A Sneak Peek into ColdFusion Builder on VSCode (View video , Show Description )In the session, Nikhil Dubey will be talking about the newly released VSCode Extension for CFML and how it makes CFML developers' life easier. Starting briefly with some usage statistics and overview of plugin architecture, the talk will be throwing light on the value-adding features like code assist, code completion, formatting, navigation, etc. that the plugin offers. Unique features exclusive with Adobe plugin like RDS, Security Analyzer, Server Manager, Project Manager along with their utilities will be discussed in some details. A small demo will follow. Takeaways - Developers will be aware of various features available to make development effort smooth. They will also have an overall picture of how the extension is working internally.
Nikhil Dubey
1:11 2022-11-18 2022-11-29 Charlie Arehart
CFMeetup: I Didn’t Know S3 Could Do That!, with Brian Klaas (View video , Show Description )Millions of developers know Amazon's Simple Storage Service (S3) as the file system for the Internet: it's fast, cheap, and super durable. CFML developers have dead-simple access to S3 via built-in functionality. S3 goes way beyond just uploading and downloading files, though. By dropping down into the AWS Java SDK, we can unlock the full potential of S3, and that's exactly what we'll do in this session.
In this session we'll look at how to: - Secure your files in S3 with time-expiring URLs - Increase security over what's built into the CFML engines by accessing S3 via the Java SDK - Encrypt objects at rest in S3 - Cut your storage costs by using different S3 storage classes - Automatically archive unused files after a set period of time - Use the rock-solid object versioning available in S3 - Use tags to be able to filter and report on millions of objects in S3
Brian Klaas
1:11 2020-08-06 2020-08-06 Charlie Arehart
CFMeetup: Keeping CF (and Java) updated: challenges and solutions (View video , Show Description )Are you keeping up on whatever updates are available for the CF version you're running (2018, 2016, or so on)? And how about updating the Java/JVM that CF uses? You should be, for security as well as bug fix reasons. And what about the web server connector (wsconfig)?
Ever since CF10, the mechanism to update CF has been a single-click operation in the CF Admin--or at least, that's how it's supposed to be. But sometimes things go amiss, and you can be left with CF not coming up, or the admin not opening, or something in your app failing to work right which you may not notice for even days or weeks.
And the same is true when it comes to updating the Java/JVM that CF uses: there are several things you can easily do "wrong" that will have CF not starting. And even if you do it "right", there may be something amiss (because you missed an important step) that might not bite you for some days--when someone tries to make an https call out of CF. And you may wonder, "what version of Java can I use with my version of CF?"
The good news is that there are answers and a few key best practices to follow in updating CF, the JVM, and wsconfig, which if followed can ensure that each is a quick and painless task. In this session, veteran CF troubleshooter Charlie Arehart will walk through all this, based on his decade-plus experience in helping people troubleshoot such problems daily. The session will apply both to those using the Admin or command line for such update mechanisms.
Charlie Arehart
1:14 2020-06-25 2020-06-25 Charlie Arehart
CFMeetup: CF AMA: Ask Me Anything (View video , Show Description )Join us for our first "Ask Me Anything" session, with your host Charlie Arehart and recent co-organizer Dan Wilson. We'll open the floor to any sort of CF-related questions you may have, whether about coding challenges or using CF features, configuration or tuning, deployment, security, the upcoming new CF version, recent CF versions, the future and state of CF, whatever.
Of course, some topics tend to generate more heat than light, so we hope folks will ask questions that may not be merely points of debate (preferences, disappointments, laments). And since we're not Adobe and don't speak for them, there are some topics where we won't be able to offer information that isn't publicly known. Still, there are many questions asked in the community (in various places) every day, so there are plenty of good questions. Of course, we can even talk about, "where are good places to ask CF questions?"! :-)
You bring 'em, we'll wing 'em. We'll even let others hop on to speak/share video/screen, if they feel they have a question or answer that would be better spoken than written in the chat.
Charlie Arehart and Dan Wilson
1:15 2020-10-22 2020-11-04 Charlie Arehart
CFMeetup: Application Security: Beyond SQL Injection (View video , Show Description )Surely there is more to this application security stuff than SQL injection. We've put in our <cfqueryparams> so are we secure now? We are going to talk about some of the other threats against our applications. Things like:
- Request Forgeries
- Password Security
- Cookies
- Session Management
SQL Injection is only the tip of the security iceberg. We need to be prepared for much more. As hackers become more sophisticated, so must we.
Jason Dean
1:18 2009-01-22 2009-01-23 Charlie Arehart
CFMeetup: Practical ColdFusion Security (View video , Show Description )Securing an application is far more than just password protection and stopping SQL injection attacks. Taking a real project this session will delve into the system's architecture, closely examine the security and privacy issues and show what features were implemented and how that was determined via risk analysis. Security features covered will include code placement and caching, securing SQL databases via permissions and use of multiple data sources, code timing attacks, dictionary attacks, salted password systems, page fingerprinting, and various logging and auditing features. Security is not so much about stopping access to a system but more knowing when and how a system was compromised and minimising the damage that can be done when that happens.
Justin McLean
1:19 2011-02-24 2011-02-24 charlie arehart
ColdFusion Application Security (View video , Show Description )Adobe's ColdFusion Specialist for the government sector, Adam Wayne Lehman will present "ColdFusion Application Security". This presentation details the OWASP Top Ten Most Critical Web Application Security Vulnerabilities and how they are pertain to developing ColdFusion applications. Demonstration of effective methods to avoid and prevent invalidated input, broken access controls, broken authentication and session management, cross-site scripting flaws, injection flaws, and improper error handling.
Adam has been developing web applications specializing in ColdFusion for nearly a decade. His background includes designing and programming e-learning applications for Johns Hopkins Bloomberg School of Public Health, and before Adobe, Adam was a Senior Web Systems Engineer for the U.S. Department of State where he managed a team of developers and architects enterprise ColdFusion applications. Adam has also managed the Department of State Adobe Developer User Group for over two years. His work has been featured in Macromedia?s DRK(Developer Resource Kit) and his other areas of expertise include application security, section 508-compliant design and Oracle database development.
Adam Wayne Lehman
1:20 2006-10-19 2006-10-19 Steven Erat
« Previous ( 1 2 3 4 5 ) Next »
Show how many results?:
You can bookmark this search as http://www.carehart.org/ugtv/list.cfm?search=security
or track the search results using RSS:
RSS Feed of 10 latest presentations referring to: security -- (Validate RSS feed )
RSS Feed:
RSS Feed of 10 latest added presentations
Receive an email newsletter of newest entries: via Feedblitz