I just wanted to drop a note to the list to first off say, "No, we are not dead". We've had a lot of people state their interest after we ran our last CFV, but no real output to speak of. I believe I responded back to anyone that expressed interest, if I missed you please get in touch. We still need content developed for (or compelling reasons why it should be removed from scope): - Differences between WAFs and next-generation firewalls and intrusion prevention systems - Performance and reliability criteria - Anti-automation/anti-bot capabilities - Anti-fraud capabilities, credential theft - Threat intel/reputation capabilities - Hybrid and cloud deployment models (Diving into CDN technology would be useful) With that out of the way, we've revised the roadmap and pushed out the planned 3.0 release until late 2017 (or sometime after 2.0) and pushed the (very long overdue) planned 2.0 release to early 2016. The intent is to produce a deliverable at the AppSecUSA Project Summit on October 11-12 that is mostly complete. We will then distribute that document to this list for a peer review period before a beta release in Q1. For those of you that already contributed comments or reached out to me, thank you! For the rest of you, we still need your help, and coming out to the project summit would be a great way to do so. Even if you cannot attend the Project Summit in person, we have a project-wafec channel setup in the OWASP Slack team that has not been used at all really but would be a great way for remote collaboration combined with our working Google doc. I'll send out more details on the summit in the next couple weeks as I receive more logistics details from the conference team. Register for the OWASP Slack team at https://owasp.herokuapp.com/ Thanks! -- Tony Turner OWASP Orlando Chapter Founder/Co-Leader WAFEC Project Leader STING Game Project Leader tony.turner@owasp.org https://www.owasp.org/index.php/Orlando

Hello all, Just a reminder this starts tomorrow. If you want to get involved this is a great opportunity to do so. Either stop by the AppSecUSA Project Summit tomorrow morning or Wednesday or jump on the Slack channel below for details. Thanks. Sent from my iPhone > On Sep 8, 2016, at 4:50 PM, Tony Turner <tony.turner@owasp.org> wrote: > > I just wanted to drop a note to the list to first off say, "No, we are not dead". We've had a lot of people state their interest after we ran our last CFV, but no real output to speak of. I believe I responded back to anyone that expressed interest, if I missed you please get in touch. We still need content developed for (or compelling reasons why it should be removed from scope): > Differences between WAFs and next-generation firewalls and intrusion prevention systems > Performance and reliability criteria > Anti-automation/anti-bot capabilities > Anti-fraud capabilities, credential theft > Threat intel/reputation capabilities > Hybrid and cloud deployment models (Diving into CDN technology would be useful) > With that out of the way, we've revised the roadmap and pushed out the planned 3.0 release until late 2017 (or sometime after 2.0) and pushed the (very long overdue) planned 2.0 release to early 2016. The intent is to produce a deliverable at the AppSecUSA Project Summit on October 11-12 that is mostly complete. We will then distribute that document to this list for a peer review period before a beta release in Q1. > > For those of you that already contributed comments or reached out to me, thank you! For the rest of you, we still need your help, and coming out to the project summit would be a great way to do so. Even if you cannot attend the Project Summit in person, we have a project-wafec channel setup in the OWASP Slack team that has not been used at all really but would be a great way for remote collaboration combined with our working Google doc. I'll send out more details on the summit in the next couple weeks as I receive more logistics details from the conference team. > > Register for the OWASP Slack team at https://owasp.herokuapp.com/ > > Thanks! > > -- > Tony Turner > OWASP Orlando Chapter Founder/Co-Leader > WAFEC Project Leader > STING Game Project Leader > tony.turner@owasp.org > https://www.owasp.org/index.php/Orlando