J2EE Community Creates HDIV Framework

Main Menu

Finally, a plain-sense handbook for testers that teaches the mechanics of security testing. Belying the usability of the "recipe" approach, this book actually arms the tester to find vulnerabilities that even some of the best known security tools can't find.

Matt Fisher,
Founder and CEO Piscis LLC

J2EE Community Creates HDIV Framework

Written by Paco Hope

The Java EE community has been talking about a new open source framework called HDIV (HTTP data integrity validator) that is used to help protect web apps. The framework is used to provide: data integrity, data confidentiality, generic validation, random tokens (to prevent CSRF), and monitorization. HDIV is designed to work with popular Java web-app frameworks like Struts 1, Struts 2, Spring MVC, JSF and MyFaces. Roberto Velasco and Gorka Vicente are the original founders of the project.

There's no silver bullet, but this a step in the right direction. You can read more about HDIV at the following links:

follow pacohope at http://twitter.com/

follow OWASP NoVA at http://twitter.com/