Bryan Murphy is the owner of GuardianLogic, Inc. (www.guardianlogic.com), an information security firm that provides application and network vulnerability assessments and hardening. He is also one of the authors of Metazoa (www.metazoa.ca), a security-enhanced content management system; Membrane, an application-level firewall; and MetaGuard, a CFC that provides role-based login, authentication, and access control. Bryan has been an ethical hacker since the old-school BBS days. Visit his blog at www.downgrade.org.
The Internet has become a scary and hostile place; can your Web applications
survive?
Although a lot of media attention has recently been paid to information
security, surprisingly little has been published regarding ColdFusion
security. Does this then mean that ColdFusion applications are immune to
security risks? The answer, unfortunately, is no. Attacks may actually be
easier to execute and much more prevalent than programmers would like to
believe. Knowing the security risks are there is half the battle.
This article is not meant to be a silver bullet or a complete reference, as
that could easily fill many volumes. I hope instead to give a thorough
overview of ColdFusion security coding practices - thorough enough that you
will know what types of things to take into... (more)
Search functionality has become the status quo for all major Web sites. The
typical search box/button found on home pages across the Net is considered
the ultimate in user-friendly design: users type in what they're looking for
and the search engine finds it quickly and easily.
By applying the tips and tricks illustrated in this article, developers can
augment the Verity search engine tha... (more)
Using CF structures to store data allows you to access individual records
without querying a database. Until now, successfully implementing a scalable,
high-volume site has entailed five basic principles:
1. Write tight, efficient code.
2. Use cached queries.
3. Set up a proper network architecture.
4. Use top-of-the-line hardware.
5. Implement a properly designed database.
This article sugg... (more)
Bryan Murphy is the owner of GuardianLogic, Inc. (www.guardianlogic.com), an information security firm that provides application and network vulnerability assessments and hardening. He is also one of the authors of Metazoa (www.metazoa.ca), a security-enhanced content management system; Membrane, an application-level firewall; and MetaGuard, a CFC that provides role-based login, authentication, and access control. Bryan has been an ethical hacker since the old-school BBS days. Visit his blog at www.downgrade.org.
Vincent Kadar
Jill Starr
Christophe Dufourmantelle
Hovhannes Avoyan
Josh Powell
Pawel Plaszczak
Bob Little
Shai Quest
Bob Snyder
Jacques Durand
