[Owasp-leaders] PCI project - anybody involved or leading?

Christian Heinrich christian.heinrich at owasp.org
Thu Nov 17 18:45:40 EST 2011


On Thu, Nov 17, 2011 at 12:49 AM, Rex Booth <rex.booth at owasp.org> wrote:
> Thanks Tom.  It looks like Christian has taken it on.

Yes, this is correct and Tom should be aware of this already i.e.

On Thu, Nov 17, 2011 at 12:49 AM, Rex Booth <rex.booth at owasp.org> wrote:
> Christian - can you provide a status at your convenience?  I know the
> project plan shows a number of activities that should have occurred early in
> 2011, but I'm curious if we have any materials we can share.

I reviewed the PCI related deliverables of the OWASP CBT Project for
Nishi Kumar i.e.

Furthermore, I am in process of updating
http://www.slideshare.net/cmlh/padss from PA-DSS v1.2 to v2.0 i.e. I
have completed Requirements 1-7.  It should also be noted that a lot
of the issues I raised within this presentation were addressed in
PA-DSS v2.0.

OWASP can submit feedback to the PCI SCC until April 2012 i.e.

If there is anything that you want to contribute then please make
contact via https://lists.owasp.org/mailman/listinfo/owasp-pci-project

On Thu, Nov 17, 2011 at 12:49 AM, Rex Booth <rex.booth at owasp.org> wrote:
> Tony - I disagree 100%.  Like it or not, compliance and regulations are one
> of the biggest drivers for interest in what we do.  We would be wise to work
> with organizations like PCI to integrate application security into as many
> regulations as reasonable.  I do agree about the sponsorship concerns,
> however.

I have addressed this within

Christian Heinrich

More information about the OWASP-Leaders mailing list