This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "ESAPI Roadmap"
From OWASP
(New page: == Priorities == Focus on project charter... * Rewrite to allow for arbitrary validators * Fix Javascript encoding * Internationalization * ESAPI Scala Edition * ESAPI PHP Edition * ESA...) |
(No difference)
|
Revision as of 20:23, 11 December 2008
Priorities
Focus on project charter...
- Rewrite to allow for arbitrary validators
- Fix Javascript encoding
- Internationalization
- ESAPI Scala Edition
- ESAPI PHP Edition
- ESAPI .NET Edition
- Access control 2.0
- Intrusion detection
- Filters
- Documentation
- Validation 2.0
- Sample App showing before and after security problems
- Easy and efficient dev environment and install w/ clear documentation
- Marketing pages to "sell" ESAPI
- Documentation - Getting started guide
- Documentation - Easy application remediation Guide
- Documentation - How to integrate into existing app
- Documentation - How ESAPI makes you secure
- CSRF protection
- Threat Model - SRA of encryption implementation
- PILOT - at Lockheed?
- Framework layer integration features (bridges?)
- Threat Model for each control (assumptions and coverage)
- Logging 2.0
- Stablize the API
- Separate "day-to-day" calls from "admin-like" calls
