WASC Web Application Firewall Evaluation Criteria Project Mailing List
View all threadsI just wanted to drop a note to the list to first off say, "No, we are not
dead". We've had a lot of people state their interest after we ran our last
CFV, but no real output to speak of. I believe I responded back to anyone
that expressed interest, if I missed you please get in touch. We still need
content developed for (or compelling reasons why it should be removed from
scope):
With that out of the way, we've revised the roadmap and pushed out the
planned 3.0 release until late 2017 (or sometime after 2.0) and pushed the
(very long overdue) planned 2.0 release to early 2016. The intent is to
produce a deliverable at the AppSecUSA Project Summit on October 11-12 that
is mostly complete. We will then distribute that document to this list for
a peer review period before a beta release in Q1.
For those of you that already contributed comments or reached out to me,
thank you! For the rest of you, we still need your help, and coming out to
the project summit would be a great way to do so. Even if you cannot attend
the Project Summit in person, we have a project-wafec channel setup in the
OWASP Slack team that has not been used at all really but would be a great
way for remote collaboration combined with our working Google doc. I'll
send out more details on the summit in the next couple weeks as I receive
more logistics details from the conference team.
Register for the OWASP Slack team at https://owasp.herokuapp.com/
Thanks!
--
Tony Turner
OWASP Orlando Chapter Founder/Co-Leader
WAFEC Project Leader
STING Game Project Leader
tony.turner@owasp.org
https://www.owasp.org/index.php/Orlando
Hello all,
Just a reminder this starts tomorrow. If you want to get involved this is a great opportunity to do so. Either stop by the AppSecUSA Project Summit tomorrow morning or Wednesday or jump on the Slack channel below for details. Thanks.
Sent from my iPhone
On Sep 8, 2016, at 4:50 PM, Tony Turner tony.turner@owasp.org wrote:
I just wanted to drop a note to the list to first off say, "No, we are not dead". We've had a lot of people state their interest after we ran our last CFV, but no real output to speak of. I believe I responded back to anyone that expressed interest, if I missed you please get in touch. We still need content developed for (or compelling reasons why it should be removed from scope):
Differences between WAFs and next-generation firewalls and intrusion prevention systems
Performance and reliability criteria
Anti-automation/anti-bot capabilities
Anti-fraud capabilities, credential theft
Threat intel/reputation capabilities
Hybrid and cloud deployment models (Diving into CDN technology would be useful)
With that out of the way, we've revised the roadmap and pushed out the planned 3.0 release until late 2017 (or sometime after 2.0) and pushed the (very long overdue) planned 2.0 release to early 2016. The intent is to produce a deliverable at the AppSecUSA Project Summit on October 11-12 that is mostly complete. We will then distribute that document to this list for a peer review period before a beta release in Q1.
For those of you that already contributed comments or reached out to me, thank you! For the rest of you, we still need your help, and coming out to the project summit would be a great way to do so. Even if you cannot attend the Project Summit in person, we have a project-wafec channel setup in the OWASP Slack team that has not been used at all really but would be a great way for remote collaboration combined with our working Google doc. I'll send out more details on the summit in the next couple weeks as I receive more logistics details from the conference team.
Register for the OWASP Slack team at https://owasp.herokuapp.com/
Thanks!
--
Tony Turner
OWASP Orlando Chapter Founder/Co-Leader
WAFEC Project Leader
STING Game Project Leader
tony.turner@owasp.org
https://www.owasp.org/index.php/Orlando