[nycphp-talk] Enterprise Security API OWASP call for volunteers

csnyder chsnyder at
Fri Nov 14 10:57:50 EST 2008

On Thu, Nov 13, 2008 at 8:05 PM, cybermalandro cybermalandro
<cybermalandro at> wrote:
> Hi list,
> I don't know if many of you are aware of the Enterprise Security API. The
> ESAPI is a free and open collection of all the security methods that a
> developer needs to build a secure web application. You can just use the
> interfaces and build your own implementation using your company's
> infrastructure. Or, you can use the reference implementation as a starting
> point. The Java and .Net version of the ESAPI are complete and now we are
> trying to wrap up the PHP version of the ESAPI. We are looking for
> volunteers who can help us wrap this up as quickly as possible so we can
> make it available to the PHP community. If you are interested please check
> the project page and subscribe to the
> maling list. We need your support!
> Regards,
> Kuai
> OWASP - Global Education Committee

Whatever happened to "Fast, cheap, secure, choose any two?"

OK, sorry, I couldn't resist. Is there *succinct* documentation of the
various interfaces that make up the ESAPI?

Is there any talk of working support into the Zend framework? Are
developers of other PHP frameworks looking at this yet?

More information about the talk mailing list