OWASP Security JDIs Project

From OWASP
Jump to: navigation, search

Overview

The aim of this project is to build up a collection of practical solutions to specific security problems.

Rather than give explanations of security issues and defensive techniques - something which is done by Cheat Sheets and HOWTOs - the JDIs will consist of detailed, explicit instructions addressing specific issues using specific technology.

Like recipes, a JDI may suit some tastes more than others and, again like recipes, there can be more than one JDI for the same problem.

The benefits will be

  • practical, if limited, solutions for developers without them first having to become an expert in the problem space - something which time often does not permit
  • usable code which can be a practical introduction to defensive technologies, such as ESAPI, AntiSamy, etc.

The project will

  1. endeavour to source a suitable solutions to specific, practical problems on request, and
  2. adopt solutions already developed by developers and/or security specialists which they would like to share.

Project Pages

JDI Collection

Development Process

JDI Pro-forma

OWASP Project Page