Hi, 
Guest
Pic
Sign In

wasc-wafec@lists.webappsec.org

WASC Web Application Firewall Evaluation Criteria Project Mailing List

View all threads

WAFEC 2.0 phase 1: exploratory discussion (deadline: June 14th)

OS
Ofer Shezaf
Thu, May 31, 2012 10:44 AM

Thanks to all who volunteered to contribute to this project going forward
(and those who didn't - you still can!)

I would like to boot up the project with a short exploratory phase
identifying why we need a new release and therefore what we need in it.

To guide the discussion, I think that the reasons we need v2 fall into two
categories:

  1.  Things that have changed - new (or obsolete) deployment modes,

techniques, attacks, or even something new altogether.

  1.  Issues we discovered in WAFEC over the years. Some issues I

encountered are identifying specific requirements and sorting out what's
important and what's not.

From this discussion I hope to derive a mission statement, a tasks list and

therefore a schedule for the V2 project. All those will be the next phase.

I would give this phase two weeks (until June 14th), however I am on
vacation from the 9th, so would accept input but not join the discussion on
the last few days.

I would also want to thank Thorsten and Mirko for leading the project until
now. I do hope that I will get from you all more cooperation than they did!
I would also want to extend a personal apology to Thorsten and Mirko as the
leader switch was not well coordinated. Thorsten and I discussed this over
the last week and he gracefully agreed to let me give a try to leading this
project forward.

Thank you all!

~ Ofer

Ofer Shezaf

[+972-54-4431119; ofer@shezaf.com, www.shezaf.com]

Thanks to all who volunteered to contribute to this project going forward (and those who didn't - you still can!) I would like to boot up the project with a short exploratory phase identifying why we need a new release and therefore what we need in it. To guide the discussion, I think that the reasons we need v2 fall into two categories: 1. Things that have changed - new (or obsolete) deployment modes, techniques, attacks, or even something new altogether. 2. Issues we discovered in WAFEC over the years. Some issues I encountered are identifying specific requirements and sorting out what's important and what's not. >From this discussion I hope to derive a mission statement, a tasks list and therefore a schedule for the V2 project. All those will be the next phase. I would give this phase two weeks (until June 14th), however I am on vacation from the 9th, so would accept input but not join the discussion on the last few days. I would also want to thank Thorsten and Mirko for leading the project until now. I do hope that I will get from you all more cooperation than they did! I would also want to extend a personal apology to Thorsten and Mirko as the leader switch was not well coordinated. Thorsten and I discussed this over the last week and he gracefully agreed to let me give a try to leading this project forward. Thank you all! ~ Ofer Ofer Shezaf [+972-54-4431119; ofer@shezaf.com, www.shezaf.com]
Empathy v1.0   2024 ©Harmonylists.com