[WASC-WAFEC] WASC/OWASP Web, Application Firewall Evaluation Criteria at AppSec EU2013

Christian Heinrich christian.heinrich at cmlh.id.au
Tue Nov 13 17:28:32 EST 2012


I believe it should considering it would affect the WASC brand as part
of its promotion?

On Wed, Nov 14, 2012 at 9:26 AM, Robert A. <robert at webappsec.org> wrote:
> Quick question.
> Should a workshop or training session be part of a wafec discussion? I see
> that people will want to give a talk on it which is fantastic, but I guess I
> see it as a separate thing not directly associated/promoted by the project
> itself.
> Regards,
> - Robert A.
> http://www.cgisecurity.com/
> http://www.webappsec.org/
> http://www.qasec.com/
> On Wed, 14 Nov 2012, Christian Heinrich wrote:
>> Ofer,
>> I believe the intended audience of a workshop would be:
>> 1. WAF Vendor(s) preparing documentation to support WAFEC.
>> 2a. https://www.nsslabs.com/, https://www.icsalabs.com/, etc
>> preforming independent verification of WAFEC against WAF Vendor claim
>> on behalf of an end user.
>> 2b. http://www.dsd.gov.au/infosec/aisep/providers.htm with the
>> specific end user being Government.
>> 3. End User evaluating WAF solutions based on a combination of the above.
>> On Wed, Nov 14, 2012 at 9:09 AM, Ofer Shezaf <ofer at shezaf.com> wrote:
>>> I think that a presentation is a no brainer. As to workshop, since I
>>> really hope we would have a result to show, workshop for discussion would
>>> not be very useful. A training workshop would require an agenda and a
>>> commitment of a trainer to prepare a quality course that people will pay
>>> for. I personally am not sure what would be the content of such a training
>>> session. If anyone has a clear ideas as to what that be, we can either
>>> launch that as a WAFEC initiative or leave it to anyone who think it is a
>>> good business to do.
>> --
>> Regards,
>> Christian Heinrich
>> http://cmlh.id.au/contact
>> _______________________________________________
>> wasc-wafec mailing list
>> wasc-wafec at lists.webappsec.org
>> http://lists.webappsec.org/mailman/listinfo/wasc-wafec_lists.webappsec.org

Christian Heinrich


More information about the wasc-wafec mailing list