OWASP AppSensor co-project leader John Melton has published two further AppSensor v2 assets.
AppSensor defines how to implement application intrusion detection and automated response.
John has designed, coded and written a new standalone website for AppSensor. It was published on Friday and includes a brief description of the concept, an overview, getting started information and a user guide for the reference implementation. In John's words, the objectives were to:
- Explain the high level concept in a simple way and point people back to the project site and the book for more detail
- Give developers a nice entry point to the project - modelled after other framework/library sites
- Give us more flexibility in how we present the project (not just wiki format)
- In the future, hoping to have live demos.
I think it succeeds on the first three of these, and I will help if I can with the final statement.
To provide feedback or to contribute, please use the project's general mailing list.
Code 2.0.0 beta
If the new website wasn't enough, John has also been putting in many hours of coding to finish developing the new standalone version AppSensor reference implementation. On Sunday he announced the beta release of version 2.0.0.
The reference implementation currently supports three execution modes:
- REST web service
- SOAP web service
- Local (embedded Java).
John is hoping a final release can be arranged for October/November.
To provide feedback or to contribute, please use the project's code development mailing list.
So the AppSensor project now has a new guide, a new website, and will imminently have a final release of the version 2 code. I am thrilled. I will be highlighting this new code when I speak at the London API event tomorrow evening. If you are attending that, I will have some free printed copies of the AppSensor Guide with me — if you would like one, please ask me a question about AppSensor.