[Owasp-leaders] OWASP Python Security first release

Eoin Keary eoin.keary at owasp.org
Mon Mar 24 13:59:01 UTC 2014

This is a great addition to the owasp portfolio.

Eoin Keary
Owasp Global Board
+353 87 977 2988

On 24 Mar 2014, at 00:00, Enrico Branca <enrico.branca at owasp.org> wrote:

> Dear OWASP Leaders,
> I am glad to inform that after one year of preparation, OWASP Python
> Security (Pysec) Project team has published the first release.
> OWASP Python Security (Pysec) is a project that aims at creating a
> hardened version of python that makes it easier for security
> professionals and developers to write applications more resilient to
> attacks and manipulations.
> We are publishing our code as PRE-ALPHA version, under heavy development
> and NOT to be used in any production environment. Code is being
> commented and we are drawing structural specifications, documentation
> will follow shortly after.
> Parallel to the code development we are working on a manual on secure
> coding in python that will be released as soon as we will have the first
> stable version, hopefully within six month.
> Still a long way from being ready for real use but we feel is a
> significant step forward in reaching our goals, and we hope some of you
> may get involved in this project as well.
> Project website:
> http://www.pythonsecurity.org/
> Development roadmap:
> http://www.pythonsecurity.org/#roadmap
> Development repository:
> https://github.com/ebranca/owasp-pysec
> Some of OWASP Pysec features
> -----------------------------------------------
> + Custom libraries in C and Python with functional controls
> + Import functions with version control and hash check for integrity
> + Logging supports flow controls, checkpoints and external handlers
> + Error handling and detection using finite state automata
> + Library for on-disk data structures and information storage
> + File operation library with data verification and file system hooks
> + Splitters for sequence-like objects to improve memory usage and speed
> Current OWASP Pysec "work in progress"
> -----------------------------------------------
> + Multi-purpose Queue Library
> + Logging thread-safe and multiprocess/multithread aware
> + Hardened protocol libraries for POP3/SMTP/IMAP4/FTP
> + Internal control library to enforce type and data verification
> + Library to enable process and permission controls on OS objects
> + Library to include OWASP ESAPI specifications and security controls
> We would love to hear your feedback on this project, bug reports,
> suggestions and contributions are all very welcome.
> Thank you,
> Enrico Branca
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

More information about the OWASP-Leaders mailing list