Wednesday, June 23, 2010

OWASP AppSensor ESAPI Integration

ESAPI Team,

The AppSensor team has been working hard over the last several months to create an AppSensor jar that is ready for ESAPI integration.

AppSensor is a project to enable detailed intrusion detection and response within an application by integrating "detection points" into the application itself (think detecting all access control failures, malicious input, unexpected commands and more, then correlating that against the logged-in user and logging out/locking the attacker). That's just the basics; more info on AppSensor is here: http://www.owasp.org/index.php/Category:OWASP_AppSensor_Project

Here are the instructions for easily updating an existing ESAPI application to use AppSensor. I encourage those interested to take a quick read and respond with any comments.


What's next:
1. We'd like to use the Getting Started guide as an initial strategy for users to begin leveraging AppSensor in their ESAPI apps. We're looking for interested parties to begin using AppSensor within ESAPI and provide their feedback.
2. It would also be great for the ESAPI config to contain the configuration line for AppSensor and a link to the getting started page.

#Use OWASP AppSensor for enhanced application intrusion detection and response
#See http://www.owasp.org/index.php/AppSensor_GettingStarted for necessary JAR and configuration
#ESAPI.IntrusionDetector=org.owasp.appsensor.intrusiondetection.AppSensorIntrusionDetector


Thoughts and feedback please.

--
Michael Coates
OWASP
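
The detection-point idea described in the message above (checks inside the application raise events, events are correlated per logged-in user, and the response escalates from logout to account lock), as an added example. It is not AppSensor or ESAPI code; the class and method names, detection-point labels, thresholds and sample events are all assumptions made for illustration.

```java
import java.util.*;

/** Added illustration; names here are hypothetical, not the AppSensor or ESAPI API. */
public class DetectionPointDemo {
    enum Response { NONE, LOG_OUT, LOCK_ACCOUNT }

    // Assumed policy: events per user inside WINDOW_MS before each response fires.
    static final int LOGOUT_AT = 3, LOCK_AT = 5;
    static final long WINDOW_MS = 60_000;

    private final Map<String, Deque<Long>> eventsByUser = new HashMap<>();
    private final Set<String> locked = new HashSet<>();

    /** Called by a detection point in the application when one of its checks fails. */
    Response report(String user, String detectionPoint, long nowMs) {
        if (locked.contains(user)) return Response.LOCK_ACCOUNT;
        Deque<Long> times = eventsByUser.computeIfAbsent(user, u -> new ArrayDeque<>());
        times.addLast(nowMs);
        // Sliding window: forget events older than WINDOW_MS so rare mistakes do not add up.
        while (!times.isEmpty() && nowMs - times.peekFirst() > WINDOW_MS) times.removeFirst();
        int n = times.size();
        System.out.printf("t=%d user=%s point=%s count=%d%n", nowMs, user, detectionPoint, n);
        if (n >= LOCK_AT) { locked.add(user); return Response.LOCK_ACCOUNT; }
        if (n == LOGOUT_AT) return Response.LOG_OUT;
        return Response.NONE;
    }

    public static void main(String[] args) {
        DetectionPointDemo detector = new DetectionPointDemo();
        // Constructed sample events: {user, detection point, time in ms}.
        String[][] events = {
            {"alice",   "MALICIOUS_INPUT",        "1000"},
            {"mallory", "ACCESS_CONTROL_FAILURE", "2000"},
            {"mallory", "MALICIOUS_INPUT",        "3000"},
            {"mallory", "UNEXPECTED_COMMAND",     "4000"},   // third event: log out
            {"mallory", "ACCESS_CONTROL_FAILURE", "9000"},
            {"mallory", "ACCESS_CONTROL_FAILURE", "12000"},  // fifth event: lock
            {"alice",   "MALICIOUS_INPUT",        "120000"}, // first event has aged out
        };
        for (String[] e : events) {
            Response r = detector.report(e[0], e[1], Long.parseLong(e[2]));
            if (r != Response.NONE) System.out.println("  -> response for " + e[0] + ": " + r);
        }
    }
}
```

Because the count is kept per user and per time window, the two isolated events from "alice" never trigger a response, while the burst from "mallory" escalates from logout to lock.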
