Got an email a few minutes ago from Foundeo announcing their new firewall product written completely in ColdFusion. Stealing a bit from their email to me, features include:
- Cross Site Scripting / XSS
- SQL Injection
- Session Hijacking
- Cross Site Request Forgery
- CRLF Injection
- Path Traversal Attacks
- Password Dictionary Attacks
- Extensible CFC API for writing your own Filters and Loggers
- Configure it in a language you already know - CFML!
- Runs on most shared hosting accounts
- Runs and Tested on ColdFusion 6.1+, OpenBD 1+, Railo 3+
Seems pretty impressive. I haven't used it myself, but if anyone wants to review it in the comments below, I'd love to hear more.
Archived Comments
Thanks for posting this Ray. I will be happy to answer any questions that anyone has.
Perhaps a bit more description on features. I see some that are above and beyond http://portcullis.riaforge.... however more detail would be helpful.
@Amy I am working on getting more descriptive content on the web site. I will post a comment when I have that ready. In the mean time you can download the evaluation copy which includes more documentation. Thanks
Looks awesome. Can't wait to try it.
@Amy: Yeah, I was thinking Portcullis myself when I read the description the other day.
Pete,
Was there any thought given to an unencrypted version of the product within certain constraints? I completely understand why it is the way it is, just given the nature of our work we could never even try it out in production.
@Dana only the trail version is encrypted, the regular versions are not encrypted.
good to know, thanks Pete!