[Owasp-leaders] PCI project - anybody involved or leading?

Nishi Kumar nishi787 at hotmail.com
Thu Nov 17 10:35:36 EST 2011


Hi Tom,
 
All the power point presentations have been updated for version 2.0 of PCI few months back. These presentations have been updated:
 

Application Security Overview - Security For Managers And Executives Rev 1-0.ppt 
PCI DSS And PA-DSS Version 2 Training  - PCI DSS And PA-DSS Version 2 Training Rev 1-2.ppt 
OWASP Top 10 2010 Training - OWASP Top 10 2010 Training Rev 1-1.ppt 
CWE/SANS Top 25 Training - CWE-SANS Top 25 Training Rev 1-1.ppt 
CERT Secure Coding Training - CERT Secure Coding Training Rev 1-1.ppt 
Security Scanning Training - Security Scanning Training Rev 1-0.ppt 
Web Basic Concepts Training - Web Basic Concepts Training Rev 1-0.ppt 
 
 
We are in the process of updating CWE/SANS Top 25 to 2011. Currently it is 2010. We are also in the process of updating the CBT's to PCI version 2.0. We will have these updated in the Wiki shortly. Work is in progress for these items.
 
Thanks
Nishi Kumar
OWASP CBT Project Lead
OWASP GLobal Industry Committee
 



CC: jason.alexander at owasp.org; rex.booth at owasp.org; owasp-leaders at lists.owasp.org
From: tomb at owasp.org
Subject: Re: [Owasp-leaders] PCI project - anybody involved or leading?
Date: Wed, 16 Nov 2011 17:50:11 -0500
To: nishi787 at hotmail.com



Has it been updated for 2?

http://www.mastercard.com/us/company/en/docs/summary_of_changes.pdf


On Nov 16, 2011, at 2:08 PM, Nishi Kumar <nishi787 at hotmail.com> wrote:







Hi Rex,
 
My OWASP CBT project has training material that is geared towards PCI. Please look at PCI Training Presentations Track. 

https://www.owasp.org/index.php/Category:OWASP_CBT_Project
 
Thanks
Nishi Kumar
OWASP CBT Project Lead
OWASP Global Industry Committee 
 



Date: Wed, 16 Nov 2011 13:57:42 +0000
From: jason.alexander at owasp.org
To: rex.booth at owasp.org; tomb at owasp.org
CC: owasp-leaders at lists.owasp.org
Subject: Re: [Owasp-leaders] PCI project - anybody involved or leading?

must admit.that PCI compliance work is a big driver for web app sec in UK. most board level execs would never even consider it if it wasnt. 

Jason Alexander
OWASP Chapter Founder And Leader
Twitter: 0wasp
Sent From My Samsung Droid Phone 


Rex Booth <rex.booth at owasp.org> wrote: 


     Thanks Tom.  It looks like Christian has taken it on.

Christian - can you provide a status at your convenience?  I know the project plan shows a number of activities that should have occurred early in 2011, but I'm curious if we have any materials we can share.

Tony - I disagree 100%.  Like it or not, compliance and regulations are one of the biggest drivers for interest in what we do.  We would be wise to work with organizations like PCI to integrate application security into as many regulations as reasonable.  I do agree about the sponsorship concerns, however.

Thanks,
Rex

On 11/16/2011 7:38 AM, Thomas Brennan wrote: 

Rex, Dead effort.


Started it while at WhiteHat with Trey Ford and then Ed got involved. Project never got a project plan, defined scope or motion. Inactive should be archived


Semper Fi,


Tom Brennan
http://www.linkedin.com/in/tombrennan
9732020122

On Nov 16, 2011, at 12:07 AM, Tony UcedaVelez <tonyuv at owasp.org> wrote:




I personally don't agree with such a project b/c I know that the compliance tail will wag the security dog and I think it diverts from the germane focus of the org IMHO.  I am concerned however (as an aside) that project sponsors are listed on that page and they have contributed funds to a project that is dormant.  Is that a misread on the project sponsorship?
 
Tony UV


On Tue, Nov 15, 2011 at 9:52 PM, Rex Booth <rex.booth at owasp.org> wrote:


Leaders,

Is anybody involved in the PCI project linked below?

https://www.owasp.org/index.php/Key_Project_Information:OWASP_PCI_Project 

Thanks,
Rex



_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-leaders



-- 
Tony UcedaVelez
Atlanta Chapter President
OWASP Atlanta
http://www.owasp.org/index.php/Atlanta_Georgia
Twitter: @versprite



_______________________________________________
OWASP-Leaders mailing list
OWASP-Leaders at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-leaders


_______________________________________________ OWASP-Leaders mailing list OWASP-Leaders at lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-leaders 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20111117/e64f4fc7/attachment.html 


More information about the OWASP-Leaders mailing list