This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Project Information:experience3"
(18 intermediate revisions by the same user not shown) | |||
Line 2: | Line 2: | ||
---- | ---- | ||
{| style="width:100%" border="0" align="center" | {| style="width:100%" border="0" align="center" | ||
− | + | | style="width:15%; background:#7B8ABD" align="center"|'''Name''' | |
− | |||
− | | style="width:15%; background:#7B8ABD" align="center"|''' | ||
| colspan="7" style="width:85%; background:#cccccc" align="left"|<font color="black">'''OWASP Enterprise Security API (ESAPI) Project''' | | colspan="7" style="width:85%; background:#cccccc" align="left"|<font color="black">'''OWASP Enterprise Security API (ESAPI) Project''' | ||
|- | |- | ||
− | | style="width:15%; background:#7B8ABD" align="center"| ''' | + | | style="width:15%; background:#7B8ABD" align="center"| '''Description''' |
| colspan="7" style="width:85%; background:#cccccc" align="left"| | | colspan="7" style="width:85%; background:#cccccc" align="left"| | ||
− | + | Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The '''OWASP Enterprise Security API (ESAPI) Toolkits''' help software developers guard against security-related design and implementation flaws. The ESAPI Toolkit architecture is very simple – a collection of classes that encapsulate the key security operations most applications need. ESAPI is designed to make it easy to retrofit security into existing applications, as well as providing a solid foundation for new development. ESAPI comes with an ESAPI filter that minimizes the changes required to your base application. There are ESAPI Toolkits for the following platforms: | |
* '''Java EE''' - This version of the ESAPI Toolkit is currently available. | * '''Java EE''' - This version of the ESAPI Toolkit is currently available. | ||
+ | * '''Classic ASP''' - This version of the ESAPI Toolkit is currently under assessment. | ||
+ | * '''PHP''' - This version of the ESAPI Toolkit is currently under development. | ||
* '''.NET''' - This version of the ESAPI Toolkit is currently under development. | * '''.NET''' - This version of the ESAPI Toolkit is currently under development. | ||
− | * ''' | + | * '''Cold Fusion''' - This version of the ESAPI Toolkit is currently under development. |
+ | * '''Haskel''' - This version of the ESAPI Toolkit is currently under development. | ||
+ | |} | ||
+ | ---- | ||
+ | |||
+ | ==== Java EE ==== | ||
+ | ---- | ||
+ | {| style="width:100%" border="0" align="center" | ||
+ | | style="width:15%; background:#7B8ABD" align="center"|'''Language''' | ||
+ | | colspan="7" style="width:85%; background:#cccccc" align="left"|<font color="black">'''Java EE''' | ||
+ | |- | ||
+ | | style="width:15%; background:#7B8ABD" align="center"| '''Description''' | ||
+ | | colspan="7" style="width:85%; background:#cccccc" align="left"| | ||
+ | Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The '''OWASP Enterprise Security API (ESAPI) Toolkits''' help software developers guard against security-related design and implementation flaws. The ESAPI Toolkit architecture is very simple – a collection of classes that encapsulate the key security operations most applications need. ESAPI is designed to make it easy to retrofit security into existing applications, as well as providing a solid foundation for new development. ESAPI comes with an ESAPI filter that minimizes the changes required to your base application. There are ESAPI Toolkits for the following platforms: | ||
+ | * '''Java EE''' - This version of the ESAPI Toolkit is currently available. | ||
|- | |- | ||
| style="width:15%; background:#7B8ABD" align="center"| | | style="width:15%; background:#7B8ABD" align="center"| | ||
− | '''Key | + | '''Key Information''' |
| style="width:14%; background:#cccccc" align="center"| | | style="width:14%; background:#cccccc" align="center"| | ||
Project Leader<br>[[:User:Jeff Williams|'''Jeff Williams''']] | Project Leader<br>[[:User:Jeff Williams|'''Jeff Williams''']] | ||
Line 23: | Line 37: | ||
Mailing List<br>[https://lists.owasp.org/mailman/listinfo/owasp-esapi '''Subscribe here''']<br>[mailto:[email protected] '''Use here'''] | Mailing List<br>[https://lists.owasp.org/mailman/listinfo/owasp-esapi '''Subscribe here''']<br>[mailto:[email protected] '''Use here'''] | ||
| style="width:17%; background:#cccccc" align="center"| | | style="width:17%; background:#cccccc" align="center"| | ||
− | License<br>[http://en.wikipedia.org/wiki/BSD_license '''BSD | + | License<br>[http://en.wikipedia.org/wiki/BSD_license '''Berkeley Software Distribution (BSD)'''] |
| style="width:14%; background:#cccccc" align="center"| | | style="width:14%; background:#cccccc" align="center"| | ||
Project Type<br>[[:Category:OWASP_Project#Release Quality Projects|'''Tool''']] | Project Type<br>[[:Category:OWASP_Project#Release Quality Projects|'''Tool''']] | ||
Line 37: | Line 51: | ||
Provisory '''[[:Category:OWASP Project Assessment#Release Quality Tool Criteria|Release Quality]]'''<br>(Waiting for Second Reviewer's assessment)<br>[[:OWASP Enterprise Security API Project - Assessment Frame|Please see here for complete information.]] | Provisory '''[[:Category:OWASP Project Assessment#Release Quality Tool Criteria|Release Quality]]'''<br>(Waiting for Second Reviewer's assessment)<br>[[:OWASP Enterprise Security API Project - Assessment Frame|Please see here for complete information.]] | ||
| style="width:42%; background:#cccccc" align="left"| | | style="width:42%; background:#cccccc" align="left"| | ||
− | |||
* ESAPI Demo application - [[ESAPI_Swingset|The ESAPI Swingset]]<br> | * ESAPI Demo application - [[ESAPI_Swingset|The ESAPI Swingset]]<br> | ||
* JAVA 1.4 compatible JAR for ESAPI v1.4 - [http://owasp-esapi-java.googlecode.com/files/owasp-esapi-full-java-1.4.jar Complete] & [http://owasp-esapi-java.googlecode.com/files/owasp-esapi-basic-java-1.4.jar Basic] JAR files<br> | * JAVA 1.4 compatible JAR for ESAPI v1.4 - [http://owasp-esapi-java.googlecode.com/files/owasp-esapi-full-java-1.4.jar Complete] & [http://owasp-esapi-java.googlecode.com/files/owasp-esapi-basic-java-1.4.jar Basic] JAR files<br> | ||
Line 50: | Line 63: | ||
---- | ---- | ||
+ | ==== Classic ASP ==== | ||
+ | ---- | ||
+ | {| style="width:100%" border="0" align="center" | ||
+ | | style="width:15%; background:#7B8ABD" align="center"|'''Language''' | ||
+ | | colspan="7" style="width:85%; background:#cccccc" align="left"|<font color="black">'''OWASP Classic ASP Security Project''' | ||
+ | |- | ||
+ | | style="width:15%; background:#7B8ABD" align="center"| '''Description''' | ||
+ | | colspan="7" style="width:85%; background:#cccccc" align="left"|This project aims to create a secure framework for Classic ASP application by complementing existing OWASP projects with documentation for this particular technology and the creation of security libraries. More specifically: | ||
+ | * Creation of a Common Object Repository for ASP applications based on OWASP ESAPI Project including objects and/or references to libraries for security applications all this aligned with OWASP Top10 and OWASP Guide . | ||
+ | * Create Documentation aligned to OWASP Code Review Project Checklist providing additional technology-specific checks. | ||
+ | * Addition of expression for Code Review Tool to support Classic ASP applications. | ||
+ | * Implementation of Version 1 of Stinger for ASP either by using an installable COM library or ISAPI. | ||
+ | * This same module will compliment the OWASP Validation Documentation Project. | ||
+ | |- | ||
+ | | style="width:15%; background:#7B8ABD" align="center"|'''key Information''' | ||
+ | | style="width:14%; background:#cccccc" align="center"|Project Leader<br>[[User:Jcmax|'''Juan Carlos Calderon''']] | ||
+ | | style="width:15%; background:#cccccc" align="center"|Project Contributors<br>(if any) | ||
+ | | style="width:10%; background:#cccccc" align="center"|Mailing list<br>[https://lists.owasp.org/mailman/listinfo/owasp-classic-asp-security-project '''Subscribe here''']<br>[mailto:OWASP-Classic-ASP-Security-Project(at)lists.owasp.org '''Use here'''] | ||
+ | | style="width:17%; background:#cccccc" align="center"|License<br>[http://creativecommons.org/licenses/by-sa/3.0/ '''Creative Commons Attribution Share Alike 3.0'''] | ||
+ | | style="width:14%; background:#cccccc" align="center"|Project Type<br>[https://www.owasp.org/index.php/Category:OWASP_Project#tab=Alpha_Status_Projects '''Tool'''] | ||
+ | | style="width:15%; background:#cccccc" align="center"|Sponsors<br>[[OWASP Summer of Code 2008|'''OWASP SoC 08''']] | ||
+ | |} | ||
+ | {| style="width:100%" border="0" align="center" | ||
+ | ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Release Status''' | ||
+ | ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Main Links''' | ||
+ | ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Related Projects''' | ||
+ | |- | ||
+ | | style="width:29%; background:#cccccc" align="center"| | ||
+ | Provisory '''[[:Category:OWASP_Project_Assessment#Alpha_Quality_Tool_Criteria|Alpha Quality]]'''<br>[[:OWASP Classic ASP Security Project - Assessment Frame|Please see here for complete information.]] | ||
+ | | style="width:42%; background:#cccccc" align="center"| | ||
+ | [[:image:OWASP_Classic_ASP_ESAPI.zip|OWASP Classic ASP ESAPI ZIP]] | ||
+ | | style="width:29%; background:#cccccc" align="center"| | ||
+ | [[:Category:OWASP Enterprise Security API|'''OWASP Enterprise Security API''']] | ||
+ | |} | ||
+ | ---- | ||
+ | ==== PHP ==== | ||
+ | ---- | ||
+ | {| style="width:100%" border="0" align="center" | ||
+ | | style="width:15%; background:#7B8ABD" align="center"|'''Language''' | ||
+ | | colspan="7" style="width:85%; background:#cccccc" align="left"|<font color="black">'''PHP''' | ||
+ | |- | ||
+ | | style="width:15%; background:#7B8ABD" align="center"| '''Description''' | ||
+ | | colspan="7" style="width:85%; background:#cccccc" align="left"| | ||
+ | Fill in here. | ||
+ | |- | ||
+ | | style="width:15%; background:#7B8ABD" align="center"|'''key Information''' | ||
+ | | style="width:14%; background:#cccccc" align="center"|Project Leader<br>[[User:Vanderaj|'''Andrew van der Stock''']] | ||
+ | | style="width:15%; background:#cccccc" align="center"|Project Contributors<br>(if any) | ||
+ | | style="width:10%; background:#cccccc" align="center"|Mailing List<br>[https://lists.owasp.org/mailman/listinfo/owasp-esapi '''Subscribe here''']<br>[mailto:[email protected] '''Use here'''] | ||
+ | | style="width:17%; background:#cccccc" align="center"|License<br>[http://creativecommons.org/licenses/by-sa/3.0/ '''Creative Commons Attribution Share Alike 3.0'''] | ||
+ | | style="width:14%; background:#cccccc" align="center"|Project Type<br>[https://www.owasp.org/index.php/Category:OWASP_Project#tab=Release_Status_Projects '''Tool'''] | ||
+ | | style="width:15%; background:#cccccc" align="center"|Sponsors<br>if any | ||
+ | |} | ||
+ | {| style="width:100%" border="0" align="center" | ||
+ | ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Release Status''' | ||
+ | ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Main Links''' | ||
+ | ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Related Projects''' | ||
+ | |- | ||
+ | | style="width:29%; background:#cccccc" align="center"| | ||
+ | '''[[:Category:OWASP_Project_Assessment#Alpha_Quality_Tool_Criteria|Alpha Quality]]'''<br>[[:OWASP Enterprise Security API - PHP - Project - Assessment Frame|Please see here for complete information.]] | ||
+ | | style="width:42%; background:#cccccc" align="center"| | ||
+ | Fill in here | ||
+ | | style="width:29%; background:#cccccc" align="center"| | ||
+ | If any | ||
+ | |} | ||
+ | ---- | ||
+ | ==== .NET ==== | ||
+ | ==== Cold Fusion ==== | ||
− | + | ==== Haskel ==== | |
− | + | __NOTOC__ | |
− | |||
− | |||
− | ==== | ||
<headertabs/> | <headertabs/> |
Latest revision as of 01:18, 31 March 2009
Project Information
Name | OWASP Enterprise Security API (ESAPI) Project | ||||||
Description |
Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The OWASP Enterprise Security API (ESAPI) Toolkits help software developers guard against security-related design and implementation flaws. The ESAPI Toolkit architecture is very simple – a collection of classes that encapsulate the key security operations most applications need. ESAPI is designed to make it easy to retrofit security into existing applications, as well as providing a solid foundation for new development. ESAPI comes with an ESAPI filter that minimizes the changes required to your base application. There are ESAPI Toolkits for the following platforms:
|
Java EE
Language | Java EE | ||||||
Description |
Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The OWASP Enterprise Security API (ESAPI) Toolkits help software developers guard against security-related design and implementation flaws. The ESAPI Toolkit architecture is very simple – a collection of classes that encapsulate the key security operations most applications need. ESAPI is designed to make it easy to retrofit security into existing applications, as well as providing a solid foundation for new development. ESAPI comes with an ESAPI filter that minimizes the changes required to your base application. There are ESAPI Toolkits for the following platforms:
| ||||||
Key Information |
Project Leader |
Project Contibutors |
Mailing List |
Project Type |
Sponsors |
Release Status | Main Links | Related Projects |
---|---|---|
Provisory Release Quality |
|
Classic ASP
Language | OWASP Classic ASP Security Project | ||||||
Description | This project aims to create a secure framework for Classic ASP application by complementing existing OWASP projects with documentation for this particular technology and the creation of security libraries. More specifically:
| ||||||
key Information | Project Leader Juan Carlos Calderon |
Project Contributors (if any) |
Mailing list Subscribe here Use here |
License Creative Commons Attribution Share Alike 3.0 |
Project Type Tool |
Sponsors OWASP SoC 08 |
Release Status | Main Links | Related Projects |
---|---|---|
Provisory Alpha Quality |
PHP
Language | PHP | ||||||
Description |
Fill in here. | ||||||
key Information | Project Leader Andrew van der Stock |
Project Contributors (if any) |
Mailing List Subscribe here Use here |
License Creative Commons Attribution Share Alike 3.0 |
Project Type Tool |
Sponsors if any |
Release Status | Main Links | Related Projects |
---|---|---|
Fill in here |
If any |
.NET
Cold Fusion
Haskel