[Esapi-user] [Esapi-dev] NSA to perform ESAPI review

Chris Schmidt chrisisbeef at gmail.com
Mon Jun 14 14:03:38 EDT 2010


This is awesome news! Great job, Jeff, Jim, and Kevin on getting this going
- I look forward on hearing all the details as they get into the code
review.

Not everyday that someone can say that their code has been reviewed by the
National Security Agency. :)

On Mon, Jun 14, 2010 at 12:03 PM, Jeff Williams <jeff.williams at owasp.org>wrote:

>  All,
>
>
>
> The NSA has offered to perform an in-depth security review of ESAPI and
> make the results available. For those who don’t have much experience with
> the NSA, a major part of their mission is defense.  In the past, they
> supported the National Computer Security Conference, created the Rainbow
> Series, and sponsored the SSE-CMM.  More recently they’ve been involved in
> SCAP and SE-Linux.
>
>
>
> They have a team that is very experienced in cryptography and application
> reviews lined up already and they will be starting their work very soon.
> They are going to focus on the Java ESAPI version first, and may support
> other language versions when they’re ready – meaning their crypto is at
> least up to the Java 2.0 level.  Their initial estimate is that the review
> will take several months to complete.
>
>
>
> I’m extremely excited about this development, and I’ll keep you posted on
> their progress.
>
>
>
> --Jeff
>
>
>
> Jeff Williams, Chair
>
> The OWASP Foundation
>
>
>
> _______________________________________________
> Esapi-dev mailing list
> Esapi-dev at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/esapi-dev
>
>


-- 
Chris Schmidt

OWASP ESAPI Developer
http://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API

Check out OWASP ESAPI for Java
http://code.google.com/p/owasp-esapi-java/

OWASP ESAPI for JavaScript
http://code.google.com/p/owasp-esapi-js/

Yet Another Developers Blog
http://yet-another-dev.blogspot.com

Bio and Resume
http://www.digital-ritual.net/resume.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/esapi-user/attachments/20100614/de84a659/attachment.html 


More information about the Esapi-user mailing list