"Hack-Proofing Your ColdFusion Powered Sites", with Scott Stroz

  • December 4, 2008 · 6:00 PM
  • This location is shown only to members

WHEN: Thursday, December 4, 6:00pm US EST (UTC/GMT-5) (What time is that for you? See
http://www.timeanddate.com/worldclock/fixedtime.html?year=2008&month=12&day=04&hour=18&min=00&sec=0&p1=25 which shows the time as US EST and you can choose your city from the list offered to see what time that is in your own timezone.)
MEETING URL:
http://experts.acrobat.com/cfmeetup/ DURATION: Approx. 1 hour
Meeting will be recorded. URL will be posted after meeting at
http://recordings.coldfusionmeetup.com
ABOUT THIS SESSION: Out 6pm talk on Thursday Dec 04 will be Scott Stroz presenting, "Hack-Proofing Your ColdFusion Powered Sites". He offered this talk at Max, and with the great number of people whose sites have been hacked in recent months due to SQL Injection and more, this is a very important talk. Note that there will be no meeting on Nov 27 due to the Thanksgiving holiday in the US.
TOPIC DESCRIPTION: You use ColdFusion because it’s fast, easy, and incredibly productive, and the end result is fast and highly scalable. But is your application secure? Have you taken the necessary steps to stop hackers, or have you hung a welcome sign for them on your virtual door? ColdFusion applications can indeed be highly secure, but only if the developer makes them so. In this lesson you’ll learn about SQL injection attacks, session hijacking, and more, and you’ll walk away armed with the knowledge you need to lock hackers out in the cold.
SPEAKER: Scott Stroz is a senior software architect at Alagad. He has been working with ColdFusion since version 5 and has been a Macromedia/Adobe Certified Advanced ColdFusion Developer since ColdFusion MX. He is currently a member of the Adobe Community Experts for ColdFusion. Scott is also a blogger, author and frequent speaker at user groups and conferences on various Flex and ColdFusion topics.
RECORDING: As always, the meeting will be recorded, and the recording URL will be posted after the meeting at
http://recordings.coldfusionmeetup.com.
PODCAST/DOWNLOADABLE RECORDINGS: We will attempt to make this meeting available as a downloadable recording, which will be listed on the recordings page within a few days of the meeting.
LOGGING IN: When you login to the Connect room (the experts.acrobat.com/cfmeetup link above) to view the meeting, PLEASE USE THE "LOGIN AS GUEST" option, and USE YOUR NAME, but do NOT attempt to use your meetup.com username/password. The login screen presented there has no connection to meetup.com. And if you have a real Connect account, don't use that either. Just sign in as a guest. It's just not worthwhile try to add those who have real accounts to the participant list for each meeting. You have no fewer features as a guest as than you would if logging in with your own Connect account. Thanks.
RSVP, but only if coming: We appreciate folks RSVPing if they plan to come (using the link on this email or at the meetup site), though it's not mandatory and it's not a commitment. BTW,
no need to RSVP if you can't make it nor even explain why you can't. With nearly 1,500 members, there's really no reason to explain your absence. :-)
FEEDBACK/MEEETING DISCUSSION: We would appreciate your sharing your feedback after the meeting (via the follow-up email sent to members, or via a link on the site). Meetup.com also now offers a meeting-specific discussion area, available on each meeting event page, in addition to the feedback feature. Please feel free to have discussions there about the meeting's topic.
ADD THIS TO YOUR CALENDAR: If you would like to easily add this event to your own personal calendar, please note that the page for the event offers a link (on the right) saying, "Add this meeting to your calendar", which offers links to get calendar downloads for Outlook, iCal, Google, and Yahoo calendars.

Join or login to comment.

  • A former member
    A former member

    Good security overview - tho a few tech glitches with the sound

    December 8, 2008

  • A former member
    A former member

    It would be incredible to see the entire presentation at some point in the future, that topic was extremely helpful and as more and more apps are being developed it will continue to be more and more difficult to protecting data against the onslaught of hackers out there

    December 6, 2008

  • Steve W.

    Other than dealing with a few phones ringing in the background at the beginning, everything went very well. Scott shared some of his high-level concepts on making ColdFusion sites "Hack-Resistant." Very well prepared and delivered. Great job!

    December 5, 2008

  • A former member
    A former member

    Scott provided good examples and related them to real practice. This provided a better understanding of each concept.
    The presentation was very helpful.

    December 5, 2008

  • A former member
    A former member

    He showed how important it is, and how people hack the site. It was very informative. He showed good examples.

    It would be nice if he takes other session on how error messageing can be set for sitewide, try catch block, page not found etc.

    He showed how important it is, and how people hack the site.

    It would be nice to see how to prevent people access the other data by changing the ID in webbrowser .

    December 5, 2008

  • A former member
    A former member

    I appreciated learning more about 'how' the hacks take place and not just about 'why' it is important to prevent them.

    December 4, 2008

  • Dean L.

    I was familiar with a lot of the content, but I think Scott did a great job of putting it all together in one place.

    December 4, 2008

Our Sponsors

People in this
Meetup are also in:

Sometimes the best Meetup Group is the one you start

Get started Learn more
Katie

Katie, started NYC ICO

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy