Re: [Announcement] oPortal - OWASP Portal Beta Site

[dave () immunitysec com]

Looks great! Very responsive as well, which is always surprising. What
database are you using?

I would suggest SPIKEing it - always a good idea. There's all sorts of
bugs in Tomcat. I'm not sure if you use tomcat or not, but you might. hmm.
Apparantly you use Coyote 1.0. Yeah, I'd definately SPIKE that to make
sure you aren't using "secure" in vain. ;>

If I had a magic wand, I'd add a list of tools with screenshots and
feature lists and download POCs, sortable by OS. Also a big list of papers
all in one place would be nice.

Also, fix this in Quick Links: "# WebGoat – an interactive web"

Little yellow bullets on each of the secondary headings, like "Main"
"Guide" and so on, would help the viewer's eye catch those. I completely
missed them the first time I looked at it. Those are really important, and
deserve some visual recognition.


Dave Aitel
Quality Assurance Team Lead
Immunity, Inc.
"Hacking Like It Is In The Movies!": http://www.immunitysec.com/CANVAS/
(now with added 0day, part of your complete breakfast!)




> Hello Everyone!
>
> As mentioned previously by Mark Curphey (this list's moderator, OWASP
> Founder), myself, Ben Poweski, and Ingo Struck have been developing a
> Portal Framework with security as a theme.  We have been working since
> Q4 of last year to present.  And I want everybody to understand that
> this is a best-effort from mere mortals ;)
>
> Here is the URL:
>
> http://beta.owasp.org
>
>
> Please understand that there *are* bugs and most likely a bunch of
> things that we have missed, or have not gotten to work on as of yet.
>
> Here is what is currently working:
>
> Caching Framework
> XSL Document Transformation Framework
> Docbook Presentation Framework (Currently supports PDF and HTML)
> RDF/RSS News Feeds  (incoming and outgoing)
> Full Text Searching
> Content Management
>
> Here is what will be ready in the full release (And current Status):
>
> Forums (50% complete)
> Document Workflow Management (50% Complete)
> User Management (50% Complete)
> Session Management with Proper Preventative Measures (20% Complete)
> Complete Filtering Toolkit (20% Complete)
>
>
> Day by day we are completing the above features.  However they are
> extremely complex to implement correctly.
>
>
> I am extremely proud of our effort and I look forward to improving the
> maturity of oPortal everyday.  Keeping in mind that we will have a full
> release within 12 months of inception, I feel that we have accomplished
> an daunting task!
>
> We hope to grow oPortal into the #1 Open Source standards based Portal
> Framework.
>
> Regards,
>
> David Raphael
> oPortal Architect / Designer / Evangelist
>
> and
>
> Ben Poweski
> oPortal Developer / Infrastructure Specialist / Design Guru