[GPC] the OWASP PCI project

Ed Bellis ed.bellis at gmail.com
Fri May 15 09:36:57 EDT 2009


Hi Paulo,

I just realized I never received the automated email with the mailing list
password. Can this be resent to me?

Thanks,

Ed


On Tue, May 5, 2009 at 12:11 PM, Paulo Coimbra <paulo.coimbra at owasp.org>wrote:

>  Hello Trey and Ed,
>
>
>
> I have set up the OWASP PCI project’s* *page -
> http://www.owasp.org/index.php/Category:OWASP_PCI_Project*. *Please feel
> free to change it as you find best.
>
>
>
> I’ve also created a mailing list and, by now, the admin password must have
> been sent automatically to you.
>
>
>
> If I may, I suggest contacting OWASP project leaders (
> owasp-leaders at lists.owasp.org) to publicize the project and seek out for
> ideas, contributors and reviewers.
>
>
>
> I wish you good work.
>
>
>
> Should you have any further questions, please do not hesitate and get back
> to me.
>
>
>
> Many thanks, best regards,
>
>
>
> Paulo Coimbra,
>
> OWASP Project Manager <https://www.owasp.org/index.php/Main_Page>
>
>
>
> Block your agendas for May 11-14 and join us - *OWASP AppSec Europe 2009<http://www.owasp.org/index.php/AppSecEU09>
> *
>
>
>
>
>
> *From:* Trey Ford [mailto:trey.ford at me.com]
> *Sent:* sábado, 2 de Maio de 2009 01:06
> *To:* paulo.coimbra at owasp.org
> *Cc:* 'Tom Brennan'; ed.bellis at gmail.com; 'Dinis'
>
> *Subject:* Re: the OWASP PCI project
>
>
>
> Paulo!
>
>
>
> Thank-You for getting back with us!  I appreciate what're you working on-
> I'm glad to know you still have us in your sights!
>
>
>
> Have a great weekend!!
>
>
> Trey Ford
>
> b. http://treyford.wordpress.com
>
> c. 415.609.0300
>
>
>
> On May 1, 2009, at 1:20 PM, Paulo Coimbra wrote:
>
>
>
>   Hello Trey,
>
>
>
> Of course you are not nagging me and on the contrary I owe you an apology
> for my delay in setting up your project. In fact, as we are currently
> discussing a new template for OWASP projects, I was waiting to see if we
> could finish the task in time to use the new output in your project.
> However, this process has taken more time than initially expected and I
> should have already updated you.
>
>
>
> Nevertheless, the OWASP Global Projects Committee will have tonight a new
> meeting to try and finalize the task of establishing the referred new
> template. Thus, if we succeed I will set up your project in accordance with
> the new rules. Otherwise the project will be set up with the old frame and
> later on it will be updated. In any case until next Monday, maximum, this
> will be done. I thank your patience.
>
>
>
> Many thanks, best regards,
>
>
>
> Paulo Coimbra,
>
> OWASP Project Manager <https://www.owasp.org/index.php/Main_Page>
>
>
>
> Block your agendas for May 11-14 and join us - *OWASP AppSec Europe 2009<http://www.owasp.org/index.php/AppSecEU09>
> *
>
>
>
>
>
> *From:* Trey Ford [mailto:trey.ford at me.com <trey.ford at me.com>]
> *Sent:* sexta-feira, 1 de Maio de 2009 15:33
> *To:* paulo.coimbra at owasp.org
> *Cc:* Tom Brennan; ed.bellis at gmail.com; Trey Ford
> *Subject:* Re: the OWASP PCI project
>
>
>
> Hi Paulo!
>
>
>
> I just wanted to follow up regarding our project submission.
>
>
>
> I don't want to nag you, but I do have a team of people that are working
> diligently on this initiative, and would very much like to migrate their
> work into the OWASP community.
>
>
>
> Please let me know if you have had a chance to review our submission, if
> you have any questions, or what I may do to help move this forward.
>
>
>
> I look forward to hearing from you!
>
>
>
> ~trey
>
>
>
> Trey Ford
>
> b. http://treyford.wordpress.com
>
> c. 415.609.0300
>
>
>
> On Apr 17, 2009, at 12:40 PM, Trey Ford wrote:
>
>
>
> > Paulo,
>
> >    I've been talking with Tom about launching an OWASP project focused
>
> > on PCI.  If at all possible, it would be GREAT to be able start
>
> > evangelizing the work we've already done during RSA next week, and to
>
> > start recruiting the community to engage along the way!  Below is the
>
> > required information as detailed at
>
> > <http://www.owasp.org/index.php/How_to_Start_an_OWASP_Project
>
> > >
>
> >
>
> > Please let me know if there is anything I may do to help expedite or
>
> > answer any questions!
>
> >
>
> > ~trey
>
> >
>
> > Trey Ford
>
> > b. http://treyford.wordpress.com
>
> > c. 415.609.0300
>
> >
>
> > ~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~
>
> >
>
> > Title:
>
> >    the OWASP PCI project
>
> >
>
> > Project leader(s) (name and email):
>
> >    Trey Ford <ford.trey at gmail.com>
>
> >    Ed Bellis <ed.bellis at gmail.com>
>
> >
>
> > Short Project Description:
>
> >    To build and maintain community concensus for managing regulatory
>
> > risk of web applications.  For those with existing website security
>
> > programs, to ensure their activities uniformly meet PCI
>
> > requirements, and for those getting started - to aid in building a
>
> > website security strategy that also ensures sustainable PCI
>
> > compliance.
>
> >
>
> > Detailed Project Description / Roadmap:
>
> >    Initially, by building auditor and management tools, checklists,
>
> > and leading community discussion on a industry accepted approach to
>
> > applying the PCI Application Security standards, and ensuring
>
> > security through compliance related initiatives
>
> >
>
> >    Longer term initiatives will migrate away from PCI focused
>
> > activities into broader regulatory needs.  By focusing less on
>
> > specific data sets (such as cardholder data in PCI), and more
>
> > intently managing risk to whatever information assets are stored,
>
> > processed, or transmitted by the website software- the security
>
> > strategies taking root in this program will effectively map to any
>
> > future regulatory security requirements placed upon websites.
>
> >
>
> > Chosen open-source license
>
> >    This work will be licensed under the Creative Commons Attribution-
>
> > ShareAlike 2.5 license.
>
> >
>
> > Project contributors (if any)
>
> >    Project was initiated by the Application Security Working Group of
>
> > the Society of Payment Security Professoinals found at
> https://www.paymentsecuritypros.com/
>
> >
>
> > Sponsor organizations (if any)
>
> >    WhiteHat Security
>
> >    Orbitz
>
> >    Fiserve
>
> >    The Society of Payment Security Professoinals
>
> >
>
> > Main links (existing information on the web, if any)
>
> >    To be announced
>
> >
>
> > Related OWASP Projects
>
> >    This project will be a central point for guiding the adoption of
>
> > existing OWASP initiatives.
>
> >
>
> >
>
> >
>
> >
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/global-projects-committee/attachments/20090515/c60655c0/attachment-0001.html 


More information about the Global-projects-committee mailing list