Looks like I'll be presenting at cf.Objective()

Posted At : January 29, 2009 9:30 AM | Posted By : Jason Dean
Related Categories: cf.Objective(),CFUG,Conferences

Last year, after attending cf.Objective(), I became really excited about blogging and learning more, and presenting something at cf.Objective() 2009 because a personal goal. I even added it to my list of goals for 2009 on my annual review at work. Now it looks like I will achieve that goal. Sweet.

As any who read this blog knows, I am very interested in Application Security. I enjoy reading about and researching it, and I really enjoy testing it. I have spent many a Saturday afternoon and evening trying to exploit ColdFusion, databases, web forms, etc in ways that I see described in books and blog posts concerning other environments.

Since cf.Objective() is the "World's Only Enterprise Engineering Conference for ColdFusion Programmers", I am going to skip the "Intro to AppSec" presentation that I have done before. I think it is below the general demographic of cf.Objective() and I think I and many others are getting a little board with hearing about SQL injection attacks. This presentation will be about some more intermediate to advanced topics in Application Security.

My first pledge to you is that I will not talk about <cfqueryparam>. Everyone should know about SQL injection attacks, and if they don't, there are countless resources explaining it. I am not going to waste your time. There are more interesting and enjoyable topics that people need to know about. Some of the things I will discuss are:

Request Forgeries
Password Security
Session Security
Cookie Security
Input Validation

I'm really looking forward to it. I think it is going to be a blast. Last year was my first CF conference. I met so many awesome people and had such a great time. The networking alone was worth the price of admission. As a speaker I will be in great company, but as an attendee I will be in amazing company.

I'd like to thank the cf.Objective() selection committee for giving me a chance and for making the process easy and enjoyable.

Comments (3) |

Print |

Send |

del.icio.us |

Digg It! |

Linking Blogs | 1303 Views

Related Blog Entries

I will be speaking about ColdFusion Application Security at the Boston CFUG this week (September 14, 2009)
It's almost time for cf.Objective() (May 12, 2009)
Geeks' Night Out - Star Trek at IMAX during cf.Objective() (May 7, 2009)
The Sun Presenter Console Extension for OpenOffice.org Impress (March 24, 2009)
I will be speaking at TCCFUG this Wednesday March 4th 2009 (March 2, 2009)
cf.Objective() short review. Wow! (May 5, 2008)

Comments

[Add Comment] [Subscribe to Comments]

Awesome, Jason! Dude, we need to talk ... sounds like we're on the same track, except my talk will focus on security "testing".

bill

# Posted By bill shelton | 1/29/09 9:34 AM

@Bill, I look forward to it. I was just asking someone a few weeks ago about ways to incorporate security testing into unit testing and Integration testing. I am still a testing novice.

# Posted By Jason Dean | 1/29/09 9:45 AM

Congrats Jason. I look forward to meeting you in May.

# Posted By Bob Silverberg | 1/29/09 12:46 PM

[Add Comment]

RSS

ColdFusion Project from RIAForge

Amazon Rank Widget

A widget that will display a list of books in order of their Amazon Sales Rank