[Esapi-user] [Esapi-dev] JUG Presentation

Kevin W. Wall kevin.w.wall at gmail.com
Sun May 9 20:08:50 EDT 2010

Jarret Raim wrote:
> All,
> I'm currently working on a presentation about ESAPI for
> the next JUG meeting here in San Antonio. I'm still in the beginning
> stages, but I wanted to reach out to everyone and get some suggestions
> of resources that I might use.
> Obviously, I've been looking at the current OWASP site and I found
> the Aspect presentation. One specific thing I was looking for is a
> chart of what the status of the different language implementations
> is? Has anyone created something like that already?
> My current plan is something like this:
>  * Intro - The first couple of slides will be an intro to the project.
>    This would include the goals, who's using it, the vision and the
>    different langauge implementations.
>  * Architecture - The overall architecture and how it fits into JEE
>  * Examples - Run through the major APIs with examples
>  * Future Work
>  * Conclusions
> If anyone has any resources or topics they think are critical to
> cover, let me know. I'd love to have some war stories to pass on
> as well, the ones on the site are just one liners.


First of all, please keep us in the loop with how this goes and I would
encourage you to "donate" your slide deck either on the ESAPI wiki or
elsewhere. (I'm sure that Mike Boberski could find a spot for it.)

There are others that have talked about doing this. You have already found
Jeff's presentation. I think Chris Schmidt was working on one, but I don't
know how far he's gotten. I have been asked to prepare a similar talk for
our local chapter of IEEE CS and possibly for the Security MBA group (that's
MBA as in "Masters of Beer Appreciation", http://thesecuritymba.org/ ;-)
Originally they wanted that back in March/April time frame, but I told them
I wanted to wait until ESAPI 2.0 was GA.

Anyway, I think it would be great if we could share these slide decks in a
common place so we could all benefit from them. I know that I shall be doing
that with mine once I have it written.

Finally, AFAIK, no one has produced a chart of the status of all the different
language implementations. (Or at least I have not seen one if there is.) Your
best bet would probably try to gather a status update for each of them by
contacting the individual project leads.

And if you are looking for "war stories", you might find better luck on the
ESAPI-Users list for that. I am CC'ing them with this reply.

Kevin W. Wall
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We cause accidents."        -- Nathaniel Borenstein, co-creator of MIME

More information about the Esapi-user mailing list