[Owasp-appsensor-project] appsensor v2 code
jtmelton at gmail.com
Mon Mar 17 05:35:07 UTC 2014
I've been plugging away on v2 of the code for a bit now, and am asking for
help at this point. Link to v2 of the code:
The code has been fully rewritten. The main reason for the rewrite was to
allow a client-server style model as opposed to requiring appsensor be
fully embedded in the application. You can now have a central server
collecting events from multiple applications and performing analysis. These
front-end applications can be in any language as long as they speak
rest/soap. There's been a host of other changes, but this was the primary
I've lined up a bunch of starter ideas below, but if you want to work on
ANYTHING, please let me know.
- analysis engine - different versions could be built, ie stochastic vs.
statistical vs. behavioral, etc. (written in java)
- web services - currently working on these, but need handlers for
rest/soap in the backend (java)
- implementations of core storage components - current implementations are
in-memory, but we'll want file-backed, database-backed (sql/nosql), etc.
- unit tests / integration tests for the analysis engine (java)
- sample detection point implementations (any language)
- sample client applications / demos using appsensor (any language)
- reporting services apis (java)
- reporting client UI - need a reference front-end to visualize and manage
the data (any language, but should be web-based) - see also UX below
- It would be awesome to provide a default UI for event visualization and
management. This could be a big, fun project.
- configuration scripts / tutorials for different web / application
servers. We need to show how to setup the authentication for client
applications since that will be done by the web/app servers and not the
analysis engine itself. Essentially, this is setup and documentation of
reverse proxy configuration. We can lean heavily on web server
documentation here. (documentation / scripting)
- end-user documentation guidance (documentation)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-appsensor-project