Starting with Linux/network security in the nineties. Achim Hoffmann has been working in web application security since more than 12 years. While working as a developer for web-application for several years he started concentrating on web application security as major subject in different roles like penetration tester, doing SCA and giving security workshops. 

He is author, co-author and maintainer of various papers about web application security at BSI (Germany), OWASP and WASC. He also published some tools (EnDe,EMiR, ReDoS, O-Saft) which aim to make web application security more visible.Achim is owner of sic[!]sec GmbH, Germany, a company that provides information security services. Outside work he is German OWASP Board Member and helps maintaining OWASP's mailing lists.