[WASC-WAFEC] WAFEC v2.0 at AppSecUSA 2016 Project Summit

Tony Turner tony.turner at owasp.org
Thu Sep 8 16:50:43 EDT 2016


I just wanted to drop a note to the list to first off say, "No, we are not
dead". We've had a lot of people state their interest after we ran our last
CFV, but no real output to speak of. I believe I responded back to anyone
that expressed interest, if I missed you please get in touch. We still need
content developed for (or compelling reasons why it should be removed from
scope):

   - Differences between WAFs and next-generation firewalls and intrusion
   prevention systems
   - Performance and reliability criteria
   - Anti-automation/anti-bot capabilities
   - Anti-fraud capabilities, credential theft
   - Threat intel/reputation capabilities
   - Hybrid and cloud deployment models (Diving into CDN technology would
   be useful)

With that out of the way, we've revised the roadmap and pushed out the
planned 3.0 release until late 2017 (or sometime after 2.0) and pushed the
(very long overdue) planned 2.0 release to early 2016. The intent is to
produce a deliverable at the AppSecUSA Project Summit on October 11-12 that
is mostly complete. We will then distribute that document to this list for
a peer review period before a beta release in Q1.

For those of you that already contributed comments or reached out to me,
thank you! For the rest of you, we still need your help, and coming out to
the project summit would be a great way to do so. Even if you cannot attend
the Project Summit in person, we have a project-wafec channel setup in the
OWASP Slack team that has not been used at all really but would be a great
way for remote collaboration combined with our working Google doc. I'll
send out more details on the summit in the next couple weeks as I receive
more logistics details from the conference team.

Register for the OWASP Slack team at https://owasp.herokuapp.com/

Thanks!

-- 
Tony Turner
OWASP Orlando Chapter Founder/Co-Leader
WAFEC Project Leader
STING Game Project Leader
tony.turner at owasp.org
https://www.owasp.org/index.php/Orlando
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/wasc-wafec_lists.webappsec.org/attachments/20160908/9d89632e/attachment-0002.html>


More information about the wasc-wafec mailing list