[nycphp-talk] Enterprise Security API OWASP call for volunteers
chsnyder at gmail.com
Fri Nov 14 10:57:50 EST 2008
On Thu, Nov 13, 2008 at 8:05 PM, cybermalandro cybermalandro
<cybermalandro at gmail.com> wrote:
> Hi list,
> I don't know if many of you are aware of the Enterprise Security API. The
> ESAPI is a free and open collection of all the security methods that a
> developer needs to build a secure web application. You can just use the
> interfaces and build your own implementation using your company's
> infrastructure. Or, you can use the reference implementation as a starting
> point. The Java and .Net version of the ESAPI are complete and now we are
> trying to wrap up the PHP version of the ESAPI. We are looking for
> volunteers who can help us wrap this up as quickly as possible so we can
> make it available to the PHP community. If you are interested please check
> the project page http://www.owasp.org/index.php/ESAPI and subscribe to the
> maling list. We need your support!
> OWASP - Global Education Committee
Whatever happened to "Fast, cheap, secure, choose any two?"
OK, sorry, I couldn't resist. Is there *succinct* documentation of the
various interfaces that make up the ESAPI?
Is there any talk of working support into the Zend framework? Are
developers of other PHP frameworks looking at this yet?
More information about the talk