Web Development  >>  Coldfusion

CF.Objective() Preview: Security and the SDLC: Threat Modeling

Language : English Quality : High Has Audio : true Source : Adobe Media : Flash
In this 30 minute preview of his CFObjective seminar, Dean will examine how threat modeling can be used as a baseline activity to ensure the security of web applications. Threat modeling is a structured approach for identifying, evaluating and mitigating risks to system security. By modeling a system as an attacker would, development organizations can prioritize the usage of a development/security budget, manage risks to system security and find vulnerabilities earlier than technical testing or code reviews. Applied early in the development lifecycle, threat modeling can be used to drive further secure SDLC activities, such as code reviews and penetration testing to ensure the security of your software throughout its lifetime.

Tags: Coldfusion, Security, SDLC, CF.Objective,     [SUGGEST  A  TAG]

Resources referenced in this screencast
  • Coldfusion MX
  • CF.Objective

  • Created : 2007-04-27   Duration : 39:24

    Articles Realted to this Topic

    [SUGGEST  A  ARTICLE]
    ColdFusion security features
    ColdFusion MX Administrator is protected by a password. Additionally, you can specify a password for access to data sources from Macromedia Dreamweaver MX. For more information on configuring Administrator security passwords, see the ColdFusion MX Administrator online Help
    Design Guidelines for Secure Web Applications
    This chapter presents a set of secure design guidelines for application architects. The guidelines are organized by common application vulnerability category including input validation, authentication, authorization, configuration management, sensitive data, session management, cryptography, parameter manipulation, exception management and auditing and logging. These represent the key areas for Web application security design, where mistakes are most often made.