OWASP Security JDIs Project

From OWASP
Jump to: navigation, search
[edit]

Background

The aim of this project is to build up a libary of practical solutions to specific security problems.

Rather than give explanations of security issues and defensive techniques - something which is done by Cheat Sheets and HOWTOs - the JDIs will consist of detailed, explicit instructions addressing specific issues using specific technology.

Like recipes, a JDI may suit some tastes more than others and, again like recipes, there can be more than one JDI for the same problem.

The benefits will be

  • practical, if limited, solutions for developers without them first having to become an expert in the problem space - something which time often does not permit
  • usable code which can be a practical introduction to defensive technologies, such as ESAPI, AntiSamy, etc.


The Process

The project will

  1. endeavour to source a suitable solutions to specific, practical problems on request, and
  2. adopt solutions already developed by developers and/or security specialists which they would like to share.


PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Security JDIs Project (home page)
Purpose: A project to build a library of concise, actionable, technology specific instructions detailing good practice on avoiding or closing specific vulnerabilities.

Security HOWTOs for people who may not have time to study a problem in depth but need to secure their application.

License: Creative Commons Attribution ShareAlike 3.0 License (best for documentation projects)
who is working on this project?
Project Leader(s):
  • Edwin Aldridge @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Edwin Aldridge @ to contribute to this project
  • Contact Edwin Aldridge @ to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases