OWASP Security JDIs Project

Revision as of 11:08, 7 May 2013 by Edwin Aldridge (talk | contribs) (First version)

Jump to: navigation, search


The aim of this project is to build up a libary of practical solutions to specific security problems.

Rather than give explanations of security issues and defensive techniques - something which is done by Cheat Sheets and HOWTOs - the JDIs will consist of detailed, explicit instructions addressing specific issues using specific technology.

Like recipes, a JDI may suit some tastes more than others and, again like recipes, there can be more than one JDI for the same problem.

The benefits will be

  • practical, if limited, solutions for developers without them first having to become an expert in the problem space - something which time often does not permit
  • usable code which can be a practical introduction to defensive technologies, such as ESAPI, AntiSamy, etc.

The Process

The project will

  1. endeavour to source a suitable solutions to specific, practical problems on request, and
  2. adopt solutions already developed by developers and/or security specialists which they would like to share.

What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP Security JDIs Project (home page)
Purpose: A project to build a library of concise, actionable, technology specific instructions detailing good practice on avoiding or closing specific vulnerabilities.

Security HOWTOs for people who may not have time to study a problem in depth but need to secure their application.

License: Creative Commons Attribution ShareAlike 3.0 License (best for documentation projects)
who is working on this project?
Project Leader(s):
  • Edwin Aldridge @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Edwin Aldridge @ to contribute to this project
  • Contact Edwin Aldridge @ to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed

other releases