ESAPI Summit

Summit Overview
The first OWASP ESAPI Summit was held December 9-11, 2008. It was hosted by Aspect Security in their Columbia, MD office.

The following were the attendees of the Summit:


 * Jeff Williams, Aspect Security - ESAPI Project Lead
 * Dave Wichers, Aspect Security - ESAPI Java Committer
 * Ron Monzillo, Sun Microsystems - Java EE Security Architect
 * Arshan Dabirsiaghi, Aspect Security - OWASP Intrisic Security Working Group Chair
 * Jerry Hoff, Aspect Security
 * Mike Fauzy, Aspect Security
 * Kevin Fealey, Aspect Security - ESAPI Swingset Lead
 * Jim Manico, Aspect Security - ESAPI Java Committer
 * Steve Lavenhar, Booz Allen Hamilton
 * Lian Jin, Booz Allen Hamilton
 * John Steven, Cigital, Technical Director
 * Joel Winstead, Cigital
 * Alex Smolen, Foundstone - ESAPI .NET Lead
 * Andy Miller, Lockheed Martin
 * John Munsch, Lockheed Martin
 * Steve Christey, MITRE - CVE/CWE Project Lead

The following pages contain our thoughts/results from the summit.

Summary: TODO

Links

 * ESAPI Charter
 * ESAPI Roadmap
 * ESAPI Adoption Strategy
 * ESAPI Framework Strategy
 * ESAPI Assurance
 * ESAPI Documentation
 * ESAPI Marketing
 * ESAPI Tooling
 * ESAPI Static Analysis Support
 * ESAPI Performance
 * ESAPI Internationalization
 * ESAPI Installation

Design

 * ESAPI API

Features

 * ESAPI Validation
 * ESAPI Canonicalization
 * ESAPI Encoding
 * ESAPI Authentication
 * ESAPI Session Management
 * ESAPI Access Control
 * ESAPI Encryption
 * ESAPI Randomizer
 * ESAPI Error Handling
 * ESAPI Logging
 * ESAPI Intrusion Detection
 * ESAPI HTTP Protection
 * ESAPI Utilities
 * ESAPI Filters