The Enterprise Security API (ESAPI) project is an OWASP project to create simple strong security controls for every web platform. Security controls are not simple to build. You can read about the hundreds of pitfalls for unwary developers on the OWASP web site. By providing developers with a set of strong controls, we aim to eliminate some of the complexity of creating secure web applications. This can result in significant cost savings across the SDLC.

LicenseBSDCC-BY-SA 3.0
Tagsowasp
Organization The Open Worldwide Application Security Project (OWASP)
HomePage https://owasp.org/www-project-enterprise-security-api/
DateJun 03, 2025
Filespom (44 KB)  jar (445 KB)  View All
RepositoriesCentral
Ranking#3725 in MvnRepository (See Top Artifacts)
Used By141 artifacts
VulnerabilitiesVulnerabilities from dependencies:
CVE-2025-48976
CVE-2025-48924
CVE-2025-46392

Note: There is a new version for this artifact

New Version2.7.0.0

Scope:
Scope:
Format:
Scope:
Scope:
Scope:
Scope:
Scope:
Scope:

Provided Dependencies (2)

Category/License Group / ArtifactVersionUpdates
Java Spec
EPL 2.0GPL
javax.servlet » javax.servlet-api 3.1.06.1.0
Java Spec
EPL 2.0GPL
javax.servlet.jsp » javax.servlet.jsp-api 2.3.34.0.0

Developers

NameEmailDev IdRolesOrganization
Jeff WilliamsProject FounderContrast Security
Kevin W. WallProject Co-leaderVerisign
Matt SeilProject Co-leaderOWASP
Jeremiah J. StaceyJUnit SME, Jack of all trades, master of many
Chris SchmidtFormer project co-leaderFluid Truck

Mailing Lists

NameDetails
(Pre 3/25/2019) https://lists.owasp.org/pipermail/esapi-user ... Subscribe
Unsubscribe
(Pre 3/25/2019) https://lists.owasp.org/pipermail/esapi-dev/ Subscribe
Unsubscribe
OWASP-ESAPI (Inactive! Archive only!) Subscribe
Unsubscribe