OWASP ESAPI 2.0GA released

OWASP ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications. The ESAPI for Java library is designed to make it easier for programmers to retrofit security into existing applications. ESAPI for Java also serves as a solid foundation for new development.

For more information, please visit our Wiki.


  • Upgrade baseline to use Java5
  • Completely redesigned and rewrote Encryptor
  • New and Improved Validation and Encoding Methods
  • Complete redesign of the ESAPI Locator and ObjectFactory
  • More unit tests
  • ESAPI Jar is now Signed with an OWASP Code Signing Certificate
  • ESAPI Jar is Sealed
  • And much, much more


NJ Ouchn

"Passion is needed for any great work, and for the revolution, passion and audacity are required in big doses"