[Esapi-user] [Esapi-dev] ESAPI WAF
jeff.williams at aspectsecurity.com
Mon Nov 1 00:05:42 EDT 2010
My opinion is that every web application needs a way to quickly patch
vulnerabilities when they are discovered until they can get fixed right.
To me, this is a fundamental security control and something that falls
squarely into the ESAPI mission.
From: esapi-dev-bounces at lists.owasp.org
[mailto:esapi-dev-bounces at lists.owasp.org] On Behalf Of Jim Manico
Sent: Monday, November 01, 2010 12:00 AM
To: ESAPI-Developers; ESAPI Users List; Arshan Dabirsiaghi
Subject: [Esapi-dev] ESAPI WAF
Is anyone using the ESAPI WAF? I'd love to hear about your experiences
I personally want to remove it from the code-base, but I do acknowledge
that it solves a crucial political itch for PCI-DSS that is important.
Luckily, Arshan has offered to clean up that code before the 2.0
Esapi-dev mailing list
Esapi-dev at lists.owasp.org
More information about the Esapi-user