Into The Box 2023 Slides

I'm back from Houston Texas after another great Into the Box conference. Slides for my talk Taming the top 25 Most Dangerous Software Weaknesses can be found here. For code samples I used my Bank of Insecurity repository which is full of security weaknesses.

From: Pete Freitag's Homepage

File Create Time in ColdFusion / CFML

Today I needed to get the time that a file was created from within some CFML code.

From: Pete Freitag's Homepage

Speaking at ColdFusion Summit Online Next Week

I will be giving my talk Taming the Top 25 Most Dangerous Software Weaknesses (for ColdFusion Developers) next Tuesday, December 6th 2022 at 1pm US Eastern Time.

From: Pete Freitag's Homepage

OpenSSL and ColdFusion / Lucee / Tomcat

I've had a several people asking me about the openssl vulnerabilities that were patched this week: CVE-2022-3602 and CVE-2022-3786 aka Spooky SSL.

From: Pete Freitag's Homepage

ColdFusion Security Training Class December 2022

Early bird registration is open for my ColdFusion Security Training deep dive class in December.

From: Pete Freitag's Homepage

How Long Has Your ColdFusion Server Been Running?

Someone asked on the CFML slack recently how can you find out how long your ColdFusion (or Lucee) server has been running via code.

From: Pete Freitag's Homepage

Adding CloudFlare Turnstile CAPTCHAs to CFML Sites

CloudFlare recently released a new CAPTCHA service called Turnstile, which aims to provide a better user experience for CAPTCHA's.

From: Pete Freitag's Homepage

ColdFusion Summit 2022 Slides

I'm back from another excellent CFSummit.

From: Pete Freitag's Homepage

Ways to suppress a finding in Fixinator

Code is complex, so any static application security testing (SAST) tool will find things that may not be an actual security issue.

From: Pete Freitag's Homepage

Simple Parallel Execution in ColdFusion or Lucee

A really handy feature of the arrayEach() function is the parallel argument.

From: Pete Freitag's Homepage

Creating a ColdFusion UUID in MySQL

The uuid() function in MySQL returns a 36 character hex string, formatted as: aa479ea9-1d9d-11ed-ba03-564760fe47b7 ColdFusion's createUUID() function returns a 35 character hex string formatted as: AA479EA9-1D9D-11ED-BA03564760FE47B7 Both store the same amount of data (16 bytes), the only difference...

From: Pete Freitag's Homepage

Better CFML Code with CI

I gave a presentation for the Adobe ColdFusion Developer Week Conference today titled: Better CFML Code with CI. You can find the slides for my talk here, and the video here. Here is a link to the code samples.

From: Pete Freitag's Homepage