OWASP ESAPI - A Retrospective: The Good, the Bad, and the Ugly

Explore the history and impact of OWASP ESAPI, one of the first comprehensive security libraries for web applications, in this 47-minute conference talk by Kevin Wall, Senior Application Security Engineer at Guaranteed Rate. Delve into the "lessons learned" from ESAPI's development since 2007, examining what was done right, what went wrong, and the controversial hacks that many wish had been approached differently. Gain insights into the unique challenges of supporting a security library through three key perspectives: people, process, and technical details. Understand the evolution of web application security controls and defenses against common vulnerabilities, and learn from the experiences of this pioneering project managed by the OWASP® Foundation.

OWASP ESAPI – A Retrospective: The Good, the Bad, & the Ugly - Kevin Wall