[Owasp-leaders] PCI, more ego than brains...
rex.booth at owasp.org
Mon Mar 2 09:57:14 EST 2009
True - I think there is a good opportunity here.
Along these lines, there was a letter to the editor in the latest SC
magazine explaining just this - that compliance with PCI wouldn't even
capture the OWASP top ten, let alone provide any real assurance of
security. I'll see if I can scan it in later and provide it to the
group. It's always good to see OWASP get unsolicited press.
And agreed Eduardo - I would personally love to see a compliance vs
security analysis presentation.
Eduardo V. C. Neves wrote:
> Well, sounds as their job to advise their own belly. :-)
> However sounds as an opportunity to me, if we can use this to explain
> why PCI-DSS and specifically the PA-DSS are only standards and also
> subject to be exploited if the security is not deployed/maintained in
> a holistic fashion (that's a quote... ).
> Don't seems as a topic to be presented on the next AppSec?
> Best regards,
> - en
> On Feb 28, 2009, at 3:23 AM, Daniel Cuthbert wrote:
>> When I see stuff like this, it really does ram home the point of how
>> little people actually get it.
>> <Picture 1.jpg>
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
More information about the OWASP-Leaders