About

Dave Ferguson has been working in information technology for over 15 years. He has spent the majority of that time specializing in large enterprise-class systems, system security, and mobile . Dave currently holds a Master ColdFusion Developer certification as well as many other information technology certifications. In his current employ he a Principal Programmer for the Walt Disney Company. He has also written a couple articles for the ColdFusion Developers Journal as well as running his own ColdFusion blog, blog.dkferguson.com. He is also one of the voices of the CFHour podcast www.cfhour.com. The podcast, just like his blog, is mostly focused on ColdFusion but dabbles in to other technologies. Dave is also a member of the Adobe Community Professional group.

Application Intrusion, Detection and Tracking

When there was just a browser the attack vectors on a system were simple. But, with mobile, AIR, and now set top development, the number of vectors is growing. This in itself is not the issue. The problem is that for most applications security is an after thought. If any security is added it is usually to protect form submission. In this session we will look at the anatomy of an attack. We will look at some basic examples of how secure code is not. We discuss good and bad practices on what will and will not work when protecting your application. We will look at ways to know you are being attacked. We will also dispel some common misconceptions of what is secure.