Welcome to the full schedule of the OWASP AppSec Research EU 2013 conference days. You’ll find the schedule for the training days at http://trainings2013.appsec.eu
Back To Schedule
Friday, August 23 • 2:05pm - 2:35pm
WAFEC - content and history of an unbiased project challenge

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

The Web Application Firewall Evaluation Criteria was initally released in 2006 by the Web Application Security Consortium (WASC).

This talk will explain the history of WAFEC, starting at 1.0 to today. We will describe the problems and solutions bringing together communities, security enthusiasts and vendors to write an unbiased paper about an important security product. These efforts finally ended in building one joined project about it by the two security communities, WASC and OWASP.

We will also describe the purpose of WAFEC 2.0, its goals, its audience, and how it can be used to evaluate the suitability of different WAFs.


Achim Hoffmann

Starting with Linux/network security in the nineties. Achim Hoffmann has been working in web application security since more than 12 years. While working as a developer for web-application for several years he started concentrating on web application security as major subject in... Read More →

Friday August 23, 2013 2:05pm - 2:35pm CEST