[Owasp-leaders] PCI, more ego than brains...

Rex Booth rex.booth at owasp.org
Mon Mar 2 09:57:14 EST 2009


True - I think there is a good opportunity here.

Along these lines, there was a letter to the editor in the latest SC 
magazine explaining just this - that compliance with PCI wouldn't even 
capture the OWASP top ten, let alone provide any real assurance of 
security.  I'll see if I can scan it in later and provide it to the 
group.  It's always good to see OWASP get unsolicited press.

And agreed Eduardo - I would personally love to see a compliance vs 
security analysis presentation.

Eduardo V. C. Neves wrote:
> Well, sounds as their job to advise their own belly. :-)
>
> However sounds as an opportunity to me, if we can use this to explain  
> why PCI-DSS and specifically the PA-DSS are only standards and also  
> subject to be exploited if the security is not deployed/maintained in  
> a holistic fashion (that's a quote... ).
>
> Don't seems as a topic to be presented on the next AppSec?
>
> Best regards,
>
> - en
>
> On Feb 28, 2009, at 3:23 AM, Daniel Cuthbert wrote:
>
>   
>> When I see stuff like this, it really does ram home the point of how  
>> little people actually get it.
>>
>> <Picture 1.jpg>
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>     
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>   


More information about the OWASP-Leaders mailing list