This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Project Information:experience3"
(8 intermediate revisions by the same user not shown) | |||
Line 9: | Line 9: | ||
Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The '''OWASP Enterprise Security API (ESAPI) Toolkits''' help software developers guard against security-related design and implementation flaws. The ESAPI Toolkit architecture is very simple – a collection of classes that encapsulate the key security operations most applications need. ESAPI is designed to make it easy to retrofit security into existing applications, as well as providing a solid foundation for new development. ESAPI comes with an ESAPI filter that minimizes the changes required to your base application. There are ESAPI Toolkits for the following platforms: | Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The '''OWASP Enterprise Security API (ESAPI) Toolkits''' help software developers guard against security-related design and implementation flaws. The ESAPI Toolkit architecture is very simple – a collection of classes that encapsulate the key security operations most applications need. ESAPI is designed to make it easy to retrofit security into existing applications, as well as providing a solid foundation for new development. ESAPI comes with an ESAPI filter that minimizes the changes required to your base application. There are ESAPI Toolkits for the following platforms: | ||
* '''Java EE''' - This version of the ESAPI Toolkit is currently available. | * '''Java EE''' - This version of the ESAPI Toolkit is currently available. | ||
+ | * '''Classic ASP''' - This version of the ESAPI Toolkit is currently under assessment. | ||
+ | * '''PHP''' - This version of the ESAPI Toolkit is currently under development. | ||
* '''.NET''' - This version of the ESAPI Toolkit is currently under development. | * '''.NET''' - This version of the ESAPI Toolkit is currently under development. | ||
− | * ''' | + | * '''Cold Fusion''' - This version of the ESAPI Toolkit is currently under development. |
+ | * '''Haskel''' - This version of the ESAPI Toolkit is currently under development. | ||
|} | |} | ||
---- | ---- | ||
Line 17: | Line 20: | ||
---- | ---- | ||
{| style="width:100%" border="0" align="center" | {| style="width:100%" border="0" align="center" | ||
− | | style="width:15%; background:#7B8ABD" align="center"|''' | + | | style="width:15%; background:#7B8ABD" align="center"|'''Language''' |
| colspan="7" style="width:85%; background:#cccccc" align="left"|<font color="black">'''Java EE''' | | colspan="7" style="width:85%; background:#cccccc" align="left"|<font color="black">'''Java EE''' | ||
− | |||
|- | |- | ||
− | | style="width:15%; background:#7B8ABD" align="center"| ''' | + | | style="width:15%; background:#7B8ABD" align="center"| '''Description''' |
| colspan="7" style="width:85%; background:#cccccc" align="left"| | | colspan="7" style="width:85%; background:#cccccc" align="left"| | ||
− | + | Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The '''OWASP Enterprise Security API (ESAPI) Toolkits''' help software developers guard against security-related design and implementation flaws. The ESAPI Toolkit architecture is very simple – a collection of classes that encapsulate the key security operations most applications need. ESAPI is designed to make it easy to retrofit security into existing applications, as well as providing a solid foundation for new development. ESAPI comes with an ESAPI filter that minimizes the changes required to your base application. There are ESAPI Toolkits for the following platforms: | |
* '''Java EE''' - This version of the ESAPI Toolkit is currently available. | * '''Java EE''' - This version of the ESAPI Toolkit is currently available. | ||
− | |||
− | |||
|- | |- | ||
| style="width:15%; background:#7B8ABD" align="center"| | | style="width:15%; background:#7B8ABD" align="center"| | ||
Line 37: | Line 37: | ||
Mailing List<br>[https://lists.owasp.org/mailman/listinfo/owasp-esapi '''Subscribe here''']<br>[mailto:[email protected] '''Use here'''] | Mailing List<br>[https://lists.owasp.org/mailman/listinfo/owasp-esapi '''Subscribe here''']<br>[mailto:[email protected] '''Use here'''] | ||
| style="width:17%; background:#cccccc" align="center"| | | style="width:17%; background:#cccccc" align="center"| | ||
− | License<br>[http://en.wikipedia.org/wiki/BSD_license '''BSD | + | License<br>[http://en.wikipedia.org/wiki/BSD_license '''Berkeley Software Distribution (BSD)'''] |
| style="width:14%; background:#cccccc" align="center"| | | style="width:14%; background:#cccccc" align="center"| | ||
Project Type<br>[[:Category:OWASP_Project#Release Quality Projects|'''Tool''']] | Project Type<br>[[:Category:OWASP_Project#Release Quality Projects|'''Tool''']] | ||
Line 66: | Line 66: | ||
---- | ---- | ||
{| style="width:100%" border="0" align="center" | {| style="width:100%" border="0" align="center" | ||
− | | style="width:15%; background:#7B8ABD" align="center"|''' | + | | style="width:15%; background:#7B8ABD" align="center"|'''Language''' |
| colspan="7" style="width:85%; background:#cccccc" align="left"|<font color="black">'''OWASP Classic ASP Security Project''' | | colspan="7" style="width:85%; background:#cccccc" align="left"|<font color="black">'''OWASP Classic ASP Security Project''' | ||
|- | |- | ||
− | | style="width:15%; background:#7B8ABD" align="center"| ''' | + | | style="width:15%; background:#7B8ABD" align="center"| '''Description''' |
| colspan="7" style="width:85%; background:#cccccc" align="left"|This project aims to create a secure framework for Classic ASP application by complementing existing OWASP projects with documentation for this particular technology and the creation of security libraries. More specifically: | | colspan="7" style="width:85%; background:#cccccc" align="left"|This project aims to create a secure framework for Classic ASP application by complementing existing OWASP projects with documentation for this particular technology and the creation of security libraries. More specifically: | ||
* Creation of a Common Object Repository for ASP applications based on OWASP ESAPI Project including objects and/or references to libraries for security applications all this aligned with OWASP Top10 and OWASP Guide . | * Creation of a Common Object Repository for ASP applications based on OWASP ESAPI Project including objects and/or references to libraries for security applications all this aligned with OWASP Top10 and OWASP Guide . | ||
Line 77: | Line 77: | ||
* This same module will compliment the OWASP Validation Documentation Project. | * This same module will compliment the OWASP Validation Documentation Project. | ||
|- | |- | ||
− | | style="width:15%; background:#7B8ABD" align="center"|''' | + | | style="width:15%; background:#7B8ABD" align="center"|'''key Information''' |
| style="width:14%; background:#cccccc" align="center"|Project Leader<br>[[User:Jcmax|'''Juan Carlos Calderon''']] | | style="width:14%; background:#cccccc" align="center"|Project Leader<br>[[User:Jcmax|'''Juan Carlos Calderon''']] | ||
| style="width:15%; background:#cccccc" align="center"|Project Contributors<br>(if any) | | style="width:15%; background:#cccccc" align="center"|Project Contributors<br>(if any) | ||
Line 100: | Line 100: | ||
==== PHP ==== | ==== PHP ==== | ||
− | + | ---- | |
+ | {| style="width:100%" border="0" align="center" | ||
+ | | style="width:15%; background:#7B8ABD" align="center"|'''Language''' | ||
+ | | colspan="7" style="width:85%; background:#cccccc" align="left"|<font color="black">'''PHP''' | ||
+ | |- | ||
+ | | style="width:15%; background:#7B8ABD" align="center"| '''Description''' | ||
+ | | colspan="7" style="width:85%; background:#cccccc" align="left"| | ||
+ | Fill in here. | ||
+ | |- | ||
+ | | style="width:15%; background:#7B8ABD" align="center"|'''key Information''' | ||
+ | | style="width:14%; background:#cccccc" align="center"|Project Leader<br>[[User:Vanderaj|'''Andrew van der Stock''']] | ||
+ | | style="width:15%; background:#cccccc" align="center"|Project Contributors<br>(if any) | ||
+ | | style="width:10%; background:#cccccc" align="center"|Mailing List<br>[https://lists.owasp.org/mailman/listinfo/owasp-esapi '''Subscribe here''']<br>[mailto:[email protected] '''Use here'''] | ||
+ | | style="width:17%; background:#cccccc" align="center"|License<br>[http://creativecommons.org/licenses/by-sa/3.0/ '''Creative Commons Attribution Share Alike 3.0'''] | ||
+ | | style="width:14%; background:#cccccc" align="center"|Project Type<br>[https://www.owasp.org/index.php/Category:OWASP_Project#tab=Release_Status_Projects '''Tool'''] | ||
+ | | style="width:15%; background:#cccccc" align="center"|Sponsors<br>if any | ||
+ | |} | ||
+ | {| style="width:100%" border="0" align="center" | ||
+ | ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Release Status''' | ||
+ | ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Main Links''' | ||
+ | ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Related Projects''' | ||
+ | |- | ||
+ | | style="width:29%; background:#cccccc" align="center"| | ||
+ | '''[[:Category:OWASP_Project_Assessment#Alpha_Quality_Tool_Criteria|Alpha Quality]]'''<br>[[:OWASP Enterprise Security API - PHP - Project - Assessment Frame|Please see here for complete information.]] | ||
+ | | style="width:42%; background:#cccccc" align="center"| | ||
+ | Fill in here | ||
+ | | style="width:29%; background:#cccccc" align="center"| | ||
+ | If any | ||
+ | |} | ||
+ | ---- | ||
==== .NET ==== | ==== .NET ==== | ||
Latest revision as of 01:18, 31 March 2009
Project Information
Name | OWASP Enterprise Security API (ESAPI) Project | ||||||
Description |
Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The OWASP Enterprise Security API (ESAPI) Toolkits help software developers guard against security-related design and implementation flaws. The ESAPI Toolkit architecture is very simple – a collection of classes that encapsulate the key security operations most applications need. ESAPI is designed to make it easy to retrofit security into existing applications, as well as providing a solid foundation for new development. ESAPI comes with an ESAPI filter that minimizes the changes required to your base application. There are ESAPI Toolkits for the following platforms:
|
Java EE
Language | Java EE | ||||||
Description |
Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The OWASP Enterprise Security API (ESAPI) Toolkits help software developers guard against security-related design and implementation flaws. The ESAPI Toolkit architecture is very simple – a collection of classes that encapsulate the key security operations most applications need. ESAPI is designed to make it easy to retrofit security into existing applications, as well as providing a solid foundation for new development. ESAPI comes with an ESAPI filter that minimizes the changes required to your base application. There are ESAPI Toolkits for the following platforms:
| ||||||
Key Information |
Project Leader |
Project Contibutors |
Mailing List |
Project Type |
Sponsors |
Release Status | Main Links | Related Projects |
---|---|---|
Provisory Release Quality |
|
Classic ASP
Language | OWASP Classic ASP Security Project | ||||||
Description | This project aims to create a secure framework for Classic ASP application by complementing existing OWASP projects with documentation for this particular technology and the creation of security libraries. More specifically:
| ||||||
key Information | Project Leader Juan Carlos Calderon |
Project Contributors (if any) |
Mailing list Subscribe here Use here |
License Creative Commons Attribution Share Alike 3.0 |
Project Type Tool |
Sponsors OWASP SoC 08 |
Release Status | Main Links | Related Projects |
---|---|---|
Provisory Alpha Quality |
PHP
Language | PHP | ||||||
Description |
Fill in here. | ||||||
key Information | Project Leader Andrew van der Stock |
Project Contributors (if any) |
Mailing List Subscribe here Use here |
License Creative Commons Attribution Share Alike 3.0 |
Project Type Tool |
Sponsors if any |
Release Status | Main Links | Related Projects |
---|---|---|
Fill in here |
If any |
.NET
Cold Fusion
Haskel