[Owasp-board] ESAPI - results
johanna curiel curiel
johanna.curiel at owasp.org
Sun Jun 15 01:39:49 UTC 2014
Kevin , Jim
What I'm really interested as Java programmer is which
features/functionalities does ESAPI Java contain that I can't find anywhere?
I think we need to promote those ones that :
- A java Programmer needs in order to secure their applications
- Cannot be found anywhere only in ESAPI
What is ESAPI Java unique selling proposition?
Regarding the status I think the best is to leave it in LAB status
considering the maturity level and what we need is to re-think a
selling/marketing strategy proposition to promote esapi and maybe focus in
those features that are a must-have, unique of ESAPI.
If ESAPI Java does not have unique features then the chance of surviving
decreases as java programmers will find easier to install plugins through
the marketplace or use built in functionalities in existing Java Frameworks.
What do you think?
On Sat, Jun 14, 2014 at 9:28 PM, Jim Manico <jim.manico at owasp.org> wrote:
> > ....and just try to reach a point of stability where ESAPI
> is not bleeding too badly.
> Exactly. Make it usable and not in of itself vulnerable, and I support
> returning it to Flagship, for what it's worth.
> •••• I do not want to lose sight that this is Johannas call, not mine.
> Jim Manico
> (808) 652-3805
> > On Jun 15, 2014, at 9:13 AM, "Kevin W. Wall" <kevin.w.wall at gmail.com>
> > I think we should
> > deal with the realistic assumption that it is unlikely there will be
> > an ESAPI 3.0 (at least anytime soon, and by "soon" I mean within
> > a year or less) and just try to reach a point of stability where ESAPI
> > is not bleeding too badly. To me, that means that we would
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-board