OWASP Enterprise Security API (ESAPI) Toolkits help software developers guard against security-related design and implementation flaws. Just as web applications and web services can be Public Key Infrastructure (PKI) enabled (PK-enabled) to perform for example certificate-based authentication, applications and services can be OWASP ESAPI-enabled (ES-enabled) to enable applications and services to protect themselves from attackers. Further development of ESAPI occurs through mailing list discussions and occasional workshops, and suggestions for improvement are welcome. For more information, please contact us: Project Lead: Andrew van der Stock and Project Manager Mike Boberski -- Email Mike if you would like to contribute to the project!