[WEB SECURITY] OWASP ESAPI WAF released

Jim Manico jim at manico.net
Tue Nov 17 18:22:28 EST 2009


This is part of the ESAPI-Java project. It's a Java SWAF (Software Web  
Application Firewall) that can be deployed integrated into your web  
app as a Java filter.

Remarkably, since you are "inside the app" you have direct access to  
standard Java application artifacts like the database connection pool,  
etc.

This is of course, open source. Check it out!

Jim Manico

On Nov 17, 2009, at 2:05 PM, robert at webappsec.org wrote:

> During AppsecDC OWASP published their version of a web application  
> firewall.
>
> Release: http://i8jesus.com/?p=96
> Preso Info: http://www.owasp.org/index.php/The_ESAPI_Web_Application_Firewall_%28ESAPI_WAF%29
> Appsec Slides: http://www.slideshare.net/llamakong/owasp-esapi-waf-appsec-dc-2009
>
> Has anyone looked into this or tried it out yet?
>
> - Robert
> http://www.webappsec.org/
> http://www.cgisecurity.com/
>
>
> --- 
> --- 
> ----------------------------------------------------------------------
> Join us on IRC: irc.freenode.net #webappsec
>
> Have a question? Search The Web Security Mailing List Archives:
> http://www.webappsec.org/lists/websecurity/archive/
>
> Subscribe via RSS:
> http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>
> Join WASC on LinkedIn
> http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA



More information about the websecurity mailing list