cfesapi needs your feedback

[Damon Miller]

The CFESAPI project is alive! (pause for applause)

The project is currently being hosted at: https://github.com/damonmiller/cfesapi

I'm not sure if this group is devs interested in helping with the
project or for devs using the project.

Either way, please take a look. It is still in development status but
it is very functional. Feedback is always welcome, both good and
bad. The good feedback makes the project look better, the bad
feedback will make the project better. So don't be shy either way!

Thanks
--Damon

[Ron Stewart]

@damon: Definitely interested in this. A co-worker at MAX this week pointed me to this, as we have been working on our own framework that provides some of the same elements on a much smaller scale basis and in a manner that can easily (read: quickly) be refactored into existing applications. I will do some digging into this, particularly in looking at it from that same mindset (to what extent can this readily be refactored, particularly on a piecemeal basis into an existing application architecture and application).

I've spent some time digging around on the OWASP site, and I have to admit I am a bit frustrated trying to find even a decent overview of what ESAPI is and does. Pointers toward decent overviews, etc., would be greatly appreciated.

-- 

/ron

[dt]

Have you tried the following owasp/esapi information sources?  The
JavaDoc 1.4 I find can be high level informative too.  

Don't Write Your Own Security Code - The Enterprise Security API
Project:https://www.owasp.org/images/3/3d/ESAPI_for_OWASP.pdf

Establishing a Security API for Your Enterprise:
https://www.owasp.org/images/7/79/ESAPI_Book.pdf


DT 

--
You received this message because you are subscribed to the Google Groups "cfesapi" group.
To view this discussion on the web visit https://groups.google.com/d/msg/cfesapi/-/jKLPe4njxmgJ.
To post to this group, send email to cfe...@googlegroups.com.
To unsubscribe from this group, send email to cfesapi+u...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/cfesapi?hl=en.

[Ron Stewart]

@DT: Thanks, those look like decent starting points. I'm now trying to figure out:

1) How I missed them on the OWASP site

2) How they got a picture of one of our apps for that second slide in the preso.

-- 

/ron

[Damon Miller]

Thanks DT!

On Oct 4, 11:00 am, dt <damientru...@hotmail.com> wrote:
> Have you tried the following owasp/esapi information sources?  The
> JavaDoc 1.4 I find can be high level informative too.  
>
> Don't Write Your Own Security Code - The Enterprise Security API
> Project:https://www.owasp.org/images/3/3d/ESAPI_for_OWASP.pdf
>
> Establishing a Security API for Your Enterprise:https://www.owasp.org/images/7/79/ESAPI_Book.pdf
>
> DT
>

> On 2011-10-04, at 10:27 AM, Ron Stewart <ron.stew...@gmail.com> wrote:
>
>
>
>
>
>
>
> > @damon: Definitely interested in this. A co-worker at MAX this week pointed me to this, as we have been working on our own framework that provides some of the same elements on a much smaller scale basis and in a manner that can easily (read: quickly) be refactored into existing applications. I will do some digging into this, particularly in looking at it from that same mindset (to what extent can this readily be refactored, particularly on a piecemeal basis into an existing application architecture and application).
>
> > I've spent some time digging around on the OWASP site, and I have to admit I am a bit frustrated trying to find even a decent overview of what ESAPI is and does. Pointers toward decent overviews, etc., would be greatly appreciated.
>
> > --
> > /ron
>
> > --
> > You received this message because you are subscribed to the Google Groups "cfesapi" group.

> > To view this discussion on the web visithttps://groups.google.com/d/msg/cfesapi/-/jKLPe4njxmgJ.