Pete Freitag is an asset to the CFML community. Pete is probably best known for HackMyCF, but he has built a lot of great products, as you can see on his website. CFDocs is another great project that Pete is leading the way with. The project currently has 71 contributors, creating the ultimate documentation for CFML, crossing the engine boundaries.
We are very happy to have Pete back again as a speaker at this year's Into the Box 2017, speaking about "Securing CFML Codebases".
Pete Freitag has well over a dozen years of experience building web applications with ColdFusion. In 2006 he started Foundeo Inc (foundeo.com), a ColdFusion consulting and products company. Pete helps clients develop and architect custom ColdFusion applications, as well as review and improve the performance and security of existing applications. He has also built several products and services for ColdFusion including a Web Application Firewall for ColdFusion called FuseGuard (fuseguard.com) and a ColdFusion server security scanning service called HackMyCF (hackmycf.com). Pete holds a BS in Software Engineering from Clarkson University.
The task of securing your large code bases from vulnerabilities can be an overwhelming and time-consuming task. Many developers don't know where to start, and never do. This session will arm you with an approach to slaying those legacy security vulnerabilities in your CFML code. You will also learn about several vulnerabilities and things to look out for as you develop new code.
We asked Pete a few questions to get to know him better. Let's see what he said.
Ortus Solutions has been a major innovative force in the CFML community. Their tools and products are extremely useful not only to ColdBox developers but to any CFML developer. I have spoken at Into The Box previously and look forward to it!
As with any conference I am hoping to pick up a few tips and tricks that I can bring home to my everyday work. I'm always amazed with what you can learn from watching someone else perform your craft.
It is an excellent lineup of speakers, all with lots of unique experience. I always love picking the brain of Brad Wood, usually with regard to CommandBox.
CFML has been around for a while; most CFML code bases are quite large and important. The task of securing a large codebase is difficult. I will present some techniques to help you take steps towards a more secure code base.
Security is one of those things that is easy to ignore, until there is a problem. When there is a problem it becomes a horrible situation to deal with. I like to educate CFML developers so they can hopefully avoid those situations, because if you don't know what to defend against you probably aren't defending.
CommandBox - I use it every day at work. I use it to run local development servers and also to run automated tests on continuous integration platforms.
I've climbed about half of the 46 high peaks of New York State.
Thank you, Pete, for taking the time to answer some questions. I know I am excited about attending your session, and I am sure many others are too.
Do you have your ITB Ticket yet? https://www.intothebox.org/#pricing