美国对于技术的融合、开放总是令人激动的，不封闭不排斥。不仅仅是NIST这些“百年名店”。对于web的防护，waf1.0 的发布是从用户层来考虑如何选择和测试一款合格的WAF，有哪些技术特性是必须满足的。未来版本是2.0，而下面就是主要的研究机构和参加，由他们共同参编写。期待和关注wafec2.0。

Community & Research:

• Christian Folini, Netnea.com; creator of REMO, an open source rule editor for ModSecurity.
• Emilio Casbas
• Prof. Giovanni Vigna, University of California, Santa Barbara
• Gregory Fresnais, BreakingPoint systems, a hardware test equipment for WAFs.
• Ivan Ristic; Ivan is the creator ModSecurity, an open source WAF. Ivan also led WAFEC 1.0.
• Keith Holt, Security Architecture, Texas Instruments
• Lior Cohen, Juniper
• Ofer Shezaf, Xiom; Ofer leads the WAFEC project
• Ori Segal, IBM (Rational)
• Prof. Stefano Zanero, Politecnico di Milano
• Tom Stripling, Security PS
• Thomas Raef, WeWatchYourWebsite.com
• Yuli Stremovsky, Creator of GreenSQL, an open source database firewall

WAF Vendors:

Naturally WAFEC is of importance to WAF vendors and most vendors have a representative on the WAFEC team:

• Alexander Meisel, Art of Defence
• Anshuman Singh, Barracuda
• Matthieu Estrade, Bee-ware
• Ido Breger, F5
• Julian Totzek, Deny All
• Kurt Roemer, Citrix
• Raviv Raz, Applicure
• Ryan Barnett, Breach Security
• Sandro Janita, FortiNet
• Sharon Besser, Imperva