Hello and welcome to my user page at OWASP.org. You'll find some details about my public work and things related to web application security here.
You can reach me mailto: achim (at) owasp -dot- org.
"some" Security ..
It's difficult to describe my knowledge in the security world without being subjective, hence replace some by whatever your feel happy with. The official title on the v-card will be senior security consultant, which means something too.
Doing software development since early '80s, used to networking all the time, focused on web application security starting this millenium. Have seen coming, have evaluated, have configured and used and have seen disappearing a lot of WAFs and web application security scanners. Currently employed at SecureNet GmbH.
- Participating in the German Chapter.
- trying to setup OWASP EnDe Project
- being reviewer on some other OWASP projects (SoC 2008)
- CAL9000 (added some en/decoding and request/response functionality; 2006)
- Best Practices: WAF
Public Papers / Work
- Best Practices: Einsatz von Web Application Firewalls (co-author, 2008)
- Sicherheit von Webanwendungen: BSI-Maßnahmenkatalog und Best Practices (author, 2005/2006)
- Web Application Firewall Evaluation Criteria (contributor, 2005)
- Web Application Security Threat Classification (contributor and German translation, 2004/2005)
Things should be made as simple as possible, but no simpler (Einstein)
KISS - keep it simple stupid