| Web Development >> Coldfusion |
CF.Objective() Preview: Security and the SDLC: Threat Modeling
| Language : | English | Quality : | High | Has Audio : | true | Source : | Adobe | Media : | Flash |
| In this 30 minute preview of his CFObjective seminar, Dean will examine how threat modeling can be used as a baseline activity to ensure the security of web applications. Threat modeling is a structured approach for identifying, evaluating and mitigating risks to system security. By modeling a system as an attacker would, development organizations can prioritize the usage of a development/security budget, manage risks to system security and find vulnerabilities earlier than technical testing or code reviews. Applied early in the development lifecycle, threat modeling can be used to drive further secure SDLC activities, such as code reviews and penetration testing to ensure the security of your software throughout its lifetime. |
Tags: Coldfusion, Security, SDLC, CF.Objective, [SUGGEST A TAG]
Resources referenced in this screencast
|
Articles Realted to this Topic |
[SUGGEST A ARTICLE] |
|
ColdFusion security features ColdFusion MX Administrator is protected by a password. Additionally, you can specify a password for access to data sources from Macromedia Dreamweaver MX. For more information on configuring Administrator security passwords, see the ColdFusion MX Administrator online Help |
|
Design Guidelines for Secure Web Applications This chapter presents a set of secure design guidelines for application architects. The guidelines are organized by common application vulnerability category including input validation, authentication, authorization, configuration management, sensitive data, session management, cryptography, parameter manipulation, exception management and auditing and logging. These represent the key areas for Web application security design, where mistakes are most often made. |