[WASC-WAFEC] Proposed "Conflict of Interest" Section?

Christian Heinrich christian.heinrich at cmlh.id.au
Thu Jul 18 21:31:31 EDT 2013


I have just reviewed

I have noticed that three out of the seven people (~42%) listed as
"contributors" are from a single WAF vendor (who I have deliberately
not named), including their SVP of Marketing.

To avoid the greater webappsec community (false or otherwise) claiming
that the WAFECv2 has been subverted by a single WAF vendor (who I have
deliberately not named) can we please include a "Conflict of interest"
section that WAFECv2 has been reviewed by other WAF vendors too i.e.
based on http://projects.webappsec.org/w/page/54150727/WAFEC%202#Reviewers
this would include "Barracuda Networks", F5, "Mykonos, a Juniper
Company", etc

I am wiling to contribute this small section if you don't have the time?

Obviously, the optimal solution would be to have shared contributors
from at least two WAF vendors per section (if the contributor is not a
WAF vendor or reseller) and perhaps we can introduce this policy in
the development of WAFECv3?

Christian Heinrich


More information about the wasc-wafec mailing list