[Owasp-appsensor-project] AppSensor Demo Code Now Available

Michael Coates michael.coates at owasp.org
Wed Feb 10 14:56:36 EST 2010


Great!  Glad you were able to take a look and that it provided some value :)

I think our first target area should be to get the detection points on the
wiki. I'd like each detection point to have its on wiki page that follows a
standard format. This will include an area for sample code for the detection
point.  The other thing that would be awesome would be reusable code for the
management of the events themselves.  As you saw in my demo, I integrated
with ESAPI and created three or four extra classes to keep track of
everything.  Could you come up with a better/cleaner approach and code that
we can provide as part of the project (feel free to intergrate with ESAPI or
not, whatever makes sense)?

I'd like to be able to advertise the following about AppSensor
1. This is what we think you should be doing - This is the AppSensor
document we currently have
2. This is one way you can make this happen - This would be the event
management code you create plus our examples of detection points in code
that work with that management code.

Ideally we would eventually have AppSensorDemo v2 which would use this new
code and be a much cleaner example for developers to reference.


What do you think? Want to take a shot at item 2 while I work on getting the
detection points into the wiki?

Thanks,


Michael Coates
OWASP Global Membership Committee
AppSensor Project Lead - http://DefendTheApp.com


On Wed, Feb 10, 2010 at 1:06 PM, John Melton <jtmelton at gmail.com> wrote:

> Michael,
> Had a chance to briefly go over the code last night.  As you mentioned, a
> bit rough around the edges, but it really helped crystallize some of the
> ideas - excellent! Thanks for posting.  Like I mentioned last week on list,
> I can help out some, w/ some coding, or updating the wiki w/ the matrix we
> discussed, etc.  If you can use the help, let me know where you think the
> best place to start is, and how to go about doing so (if I need accounts,
> etc).
>
> Thanks,
> John
>
> On Wed, Feb 3, 2010 at 1:53 PM, Michael Coates <michael.coates at owasp.org>wrote:
>
>> All,
>>
>> The source code for an AppSensor demo project at http://DefendTheApp.comis now available at the Google code repository.
>>
>> http://code.google.com/p/appsensor/
>>
>> I've uploaded all of the source and a ready to go WAR file.  There is a
>> quick readme on the WAR file, make sure to check that out.
>>
>> Warning, this code is a quickly built demo. It may be messy :)
>>
>>
>>
>> Michael Coates
>> OWASP Global Membership Committee
>> AppSensor Project Lead
>>
>> _______________________________________________
>> Owasp-appsensor-project mailing list
>> Owasp-appsensor-project at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-appsensor-project/attachments/20100210/b092f9bc/attachment.html 


More information about the Owasp-appsensor-project mailing list