This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Project Information:experience3

From OWASP
Revision as of 00:48, 31 March 2009 by Paulo Coimbra (talk | contribs)

Jump to: navigation, search

Project Information


Name OWASP Enterprise Security API (ESAPI) Project
Description

Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The OWASP Enterprise Security API (ESAPI) Toolkits help software developers guard against security-related design and implementation flaws. The ESAPI Toolkit architecture is very simple – a collection of classes that encapsulate the key security operations most applications need. ESAPI is designed to make it easy to retrofit security into existing applications, as well as providing a solid foundation for new development. ESAPI comes with an ESAPI filter that minimizes the changes required to your base application. There are ESAPI Toolkits for the following platforms:

  • Java EE - This version of the ESAPI Toolkit is currently available.
  • .NET - This version of the ESAPI Toolkit is currently under development.
  • PHP - This version of the ESAPI Toolkit is currently under development.

Java EE


Project Name Java EE

Short Project Description
Esapi-bannerbug.JPG
Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The OWASP Enterprise Security API (ESAPI) Toolkits help software developers guard against security-related design and implementation flaws. The ESAPI Toolkit architecture is very simple – a collection of classes that encapsulate the key security operations most applications need. ESAPI is designed to make it easy to retrofit security into existing applications, as well as providing a solid foundation for new development. ESAPI comes with an ESAPI filter that minimizes the changes required to your base application. There are ESAPI Toolkits for the following platforms:
  • Java EE - This version of the ESAPI Toolkit is currently available.
  • .NET - This version of the ESAPI Toolkit is currently under development.
  • PHP - This version of the ESAPI Toolkit is currently under development.

Key Information

Project Leader
Jeff Williams

Project Contibutors
If any, add here

Mailing List
Subscribe here
Use here

License
BSD license

Project Type
Tool

Sponsors
Aspect_logo.gif
Release Status Main Links Related Projects

Provisory Release Quality
(Waiting for Second Reviewer's assessment)
Please see here for complete information.

OWASP Top Ten
OWASP ASVS Project


Classic ASP


PROJECT IDENTIFICATION
Project Name OWASP Classic ASP Security Project
Short Project Description This project aims to create a secure framework for Classic ASP application by complementing existing OWASP projects with documentation for this particular technology and the creation of security libraries. More specifically:
  • Creation of a Common Object Repository for ASP applications based on OWASP ESAPI Project including objects and/or references to libraries for security applications all this aligned with OWASP Top10 and OWASP Guide .
  • Create Documentation aligned to OWASP Code Review Project Checklist providing additional technology-specific checks.
  • Addition of expression for Code Review Tool to support Classic ASP applications.
  • Implementation of Version 1 of Stinger for ASP either by using an installable COM library or ISAPI.
  • This same module will compliment the OWASP Validation Documentation Project.
Project key Information Project Leader
Juan Carlos Calderon
Project Contributors
(if any)
Mailing list
Subscribe here
Use here
License
Creative Commons Attribution Share Alike 3.0
Project Type
Tool
Sponsors
OWASP SoC 08
Release Status Main Links Related Projects

Provisory Alpha Quality
Please see here for complete information.

OWASP Classic ASP ESAPI ZIP

OWASP Enterprise Security API


PHP

.NET

Cold Fusion

Haskel