[Owasp-egypt] Fwd: [Owasp-leaders] OWASP Python Security first release

Mohamed Alfateh mohamed.alfateh at owasp.org
Mon Mar 24 15:07:40 UTC 2014


FYI,
This is a great addition to the owasp projects portfolio.


---------- Forwarded message ----------
From: Enrico Branca <enrico.branca at owasp.org>
Date: Mon, Mar 24, 2014 at 2:00 AM
Subject: [Owasp-leaders] OWASP Python Security first release
To: owasp-leaders at lists.owasp.org


Dear OWASP Leaders,

I am glad to inform that after one year of preparation, OWASP Python
Security (Pysec) Project team has published the first release.

OWASP Python Security (Pysec) is a project that aims at creating a
hardened version of python that makes it easier for security
professionals and developers to write applications more resilient to
attacks and manipulations.

We are publishing our code as PRE-ALPHA version, under heavy development
and NOT to be used in any production environment. Code is being
commented and we are drawing structural specifications, documentation
will follow shortly after.

Parallel to the code development we are working on a manual on secure
coding in python that will be released as soon as we will have the first
stable version, hopefully within six month.

Still a long way from being ready for real use but we feel is a
significant step forward in reaching our goals, and we hope some of you
may get involved in this project as well.

Project website:
http://www.pythonsecurity.org/

Development roadmap:
http://www.pythonsecurity.org/#roadmap

Development repository:
https://github.com/ebranca/owasp-pysec

Some of OWASP Pysec features
-----------------------------------------------
+ Custom libraries in C and Python with functional controls
+ Import functions with version control and hash check for integrity
+ Logging supports flow controls, checkpoints and external handlers
+ Error handling and detection using finite state automata
+ Library for on-disk data structures and information storage
+ File operation library with data verification and file system hooks
+ Splitters for sequence-like objects to improve memory usage and speed

Current OWASP Pysec "work in progress"
-----------------------------------------------
+ Multi-purpose Queue Library
+ Logging thread-safe and multiprocess/multithread aware
+ Hardened protocol libraries for POP3/SMTP/IMAP4/FTP
+ Internal control library to enforce type and data verification
+ Library to enable process and permission controls on OS objects
+ Library to include OWASP ESAPI specifications and security controls

We would love to hear your feedback on this project, bug reports,
suggestions and contributions are all very welcome.

Thank you,
Enrico Branca
_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-egypt/attachments/20140324/a2061b66/attachment.html>


More information about the Owasp-egypt mailing list