[Owasp-leaders] PCI project - anybody involved or leading?

Thomas Brennan tomb at owasp.org
Wed Nov 16 17:50:11 EST 2011


Has it been updated for 2?

http://www.mastercard.com/us/company/en/docs/summary_of_changes.pdf

On Nov 16, 2011, at 2:08 PM, Nishi Kumar <nishi787 at hotmail.com> wrote:

> Hi Rex,
>  
> My OWASP CBT project has training material that is geared towards PCI. Please look at PCI Training Presentations Track. 
> 
> https://www.owasp.org/index.php/Category:OWASP_CBT_Project
>  
> Thanks
> Nishi Kumar
> OWASP CBT Project Lead
> OWASP Global Industry Committee 
>  
> Date: Wed, 16 Nov 2011 13:57:42 +0000
> From: jason.alexander at owasp.org
> To: rex.booth at owasp.org; tomb at owasp.org
> CC: owasp-leaders at lists.owasp.org
> Subject: Re: [Owasp-leaders] PCI project - anybody involved or leading?
> 
> must admit.that PCI compliance work is a big driver for web app sec in UK. most board level execs would never even consider it if it wasnt. 
> 
> Jason Alexander
> OWASP Chapter Founder And Leader
> Twitter: 0wasp
> Sent From My Samsung Droid Phone 
> 
> 
> Rex Booth <rex.booth at owasp.org> wrote: 
> 
> 
>      Thanks Tom.  It looks like Christian has taken it on.
> 
> Christian - can you provide a status at your convenience?  I know the project plan shows a number of activities that should have occurred early in 2011, but I'm curious if we have any materials we can share.
> 
> Tony - I disagree 100%.  Like it or not, compliance and regulations are one of the biggest drivers for interest in what we do.  We would be wise to work with organizations like PCI to integrate application security into as many regulations as reasonable.  I do agree about the sponsorship concerns, however.
> 
> Thanks,
> Rex
> 
> On 11/16/2011 7:38 AM, Thomas Brennan wrote:
> Rex, Dead effort.
> 
> Started it while at WhiteHat with Trey Ford and then Ed got involved. Project never got a project plan, defined scope or motion. Inactive should be archived
> 
> Semper Fi,
> 
> Tom Brennan
> http://www.linkedin.com/in/tombrennan
> 9732020122
> 
> On Nov 16, 2011, at 12:07 AM, Tony UcedaVelez <tonyuv at owasp.org> wrote:
> 
> I personally don't agree with such a project b/c I know that the compliance tail will wag the security dog and I think it diverts from the germane focus of the org IMHO.  I am concerned however (as an aside) that project sponsors are listed on that page and they have contributed funds to a project that is dormant.  Is that a misread on the project sponsorship?
>  
> Tony UV
> 
> On Tue, Nov 15, 2011 at 9:52 PM, Rex Booth <rex.booth at owasp.org> wrote:
> Leaders,
> 
> Is anybody involved in the PCI project linked below?
> 
> https://www.owasp.org/index.php/Key_Project_Information:OWASP_PCI_Project 
> 
> Thanks,
> Rex
> 
> 
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> 
> 
> -- 
> Tony UcedaVelez
> Atlanta Chapter President
> OWASP Atlanta
> http://www.owasp.org/index.php/Atlanta_Georgia
> Twitter: @versprite
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 
> 
> _______________________________________________ OWASP-Leaders mailing list OWASP-Leaders at lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20111116/62e86e97/attachment.html 


More information about the OWASP-Leaders mailing list