[Owasp-leaders] PCI, more ego than brains...

Tom Brennan - OWASP tomb at owasp.org
Mon Mar 2 11:04:57 EST 2009

The solution ;)   <http://www.scanlesspci.com> http://www.scanlesspci.com


From: owasp-leaders-bounces at lists.owasp.org
[mailto:owasp-leaders-bounces at lists.owasp.org] On Behalf Of Eoin
Sent: Monday, March 02, 2009 10:49 AM
To: Owasp-Leaders at Lists.Owasp; Daniel Cuthbert
Subject: Re: [Owasp-leaders] PCI, more ego than brains...

Its all cool baby......
I'm PCI compliant or so they say.... so I can hit the hackers with my
rolled-up cert when they come knocking on my web application.
If the payment card industry did nothing (did not introduce PCI DSS) we
would be complaining about the same thing, web insecurity.
PCI certification is not going to save us (them). The insecurity is
contained in the creation, application and deployment of the building blocks
of the web, PCI is never going to fix this or any other
Sure let them get certified, and hacked this is the cycle of life....
but its cool man, "get certified, go to the next level" :)

2009/2/28 Daniel Cuthbert <daniel.cuthbert at owasp.org>

When I see stuff like this, it really does ram home the point of how little
people actually get it.

OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org


OWASP Code Review Guide Lead Author
OWASP Ireland Chapter Lead
OWASP Global Committee Member (Industry)

Quis custodiet ipsos custodes

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20090302/99d72528/attachment.html 

More information about the OWASP-Leaders mailing list