[Esapi-user] Feedback Request for OWASP ESAPI for C++

dan.amodio at owasp.org dan.amodio at owasp.org
Thu Jan 26 20:08:19 UTC 2012


We are currently working on an open source project for OWASP, creating a  
C++ API of enterprise security controls. Your feedback on this project  
would be greatly appreciated. Included is a short survey. The Enterprise  
Security API (ESAPI) has already been defined for Java EE. We are well  
aware that requirements of security controls for the C++ language may vary  
to some degree. Undoubtedly, some of the largest security concerns stem  
from memory management, which we are not providing a solution for at this  
time. So far, we are focusing on several items taken from the ESAPI 2.0 for  
Java specification. However, there are some questions we have specific to  
some of these security sections. Mainly, the Java ESAPI has a heavy slant  
towards web applications, which we know is not the norm for C++. Therefore,  
we are looking for other areas where common security controls might help  
the C++ community. It would be useful to know what types of security issues  
commonly face C++ developers. Let us know how hackers attack and break your  
code so we can help provide the appropriate security controls to prevent  
it. None of the questions are required, but please try to provide as much  
information as possible. Thank you for giving this your attention. We hope  
that creating an ESAPI for C++ will make it easier for developers to write  
more secure applications.


I've invited you to fill out the form Feedback Request for OWASP ESAPI for  
C++. To fill it out, visit:
https://docs.google.com/spreadsheet/viewform?formkey=dE5feWtjYlBNU05lV1FxTGNLVExIMVE6MQ


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-user/attachments/20120126/375ebd7e/attachment.html>


More information about the Esapi-user mailing list