The OWASP ESAPI for C Plus Plus has been under development for some time, and we introduced it to the community at AppSec DC 2012. ESAPI is a free, open source, application security control library that makes it easier for programmers to write lower-risk applications. The goal of the ESAPI for C++ is to be cross-platform, and compiler agnostic.
Here are some key takeaways from the presentation:
- ESAPI Project Overview, and why a C Plus Plus implementation is necessary.
- Our approach to porting the ESAPI for Java API and a demonstration.
- The future of ESAPI (3.0), and how to get involved.
You can catch the slides and video of the presentation below.
ASDC12-Enterprise_Security_API_ESAPI_for_C_Plus_Plus.pdf
Enterprise Security API (ESAPI) For C Plus Plus with Dan Amodio, Aspect Security from OWASP DC on Vimeo.
Resources:
- ESAPI for C Plus Plus on Google Code
- ESAPI for C Plus Plus Mailing List. Come say hello!
Posted on December 1, 2012