Ofer, The association was derived through googling "site:owasp.org [person's full name]" since their claim is that you don't need to be a paid member to contribute. Thorsten was actually someone who I thought was associated with OWASP (due to his relationship with Achim) but has never had any correspondence with OWASP (unless it is under a handle that I am unaware of). I also tend to focus on individual contribution rather than their employer but nevertheless this should be also considered another factor to minimize voter bias. There is actually one person I would consider independent of both WASC and OWASP but is still involved with the WAF field is Ivan Ristić. On Sun, Nov 18, 2012 at 3:12 AM, Ofer Shezaf <ofer@shezaf.com> wrote: > I must say that as things go, nearly every person in the application > security field is associated with OWASP. This is the reason association with > OWASP will help the project. Actually of the 3 names you list as not OWASP, > two are (Ido represents F5 which sponsored numerous OWASP events and Julian > is listed on Xing, I assume by himself, as affiliated with OWASP). -- Regards, Christian Heinrich http://cmlh.id.au/contact