[Owasp-leaders] OWASP PCI project - old sponsors

[email protected] colin.watson at owasp.org
Wed Oct 9 22:33:40 UTC 2013


Johanna
I don't know the answer either. Why not ask the source of the document first? You might get the answer, and it won't cost anything.

Colin

----- Reply message -----
From: "johanna curiel curiel" <johanna.curiel at owasp.org>
To: "Colin Watson" <colin.watson at owasp.org>
Cc: "owasp-leaders at lists.owasp.org" <owasp-leaders at lists.owasp.org>
Subject: [Owasp-leaders] OWASP PCI project - old sponsors
Date: Wed, Oct 9, 2013 23:05

Hi Collin

Thanks for the tip.  I'm new to licenses, what I understood from the Open Scoping document is that people can make commercial use of it and redistribute it, however , is not the document but a tool (program) based on the Decision Tree proposed in this document. I think I'll need to consult a lawyer about copyright just to be sure, and my idea is to allow people use this tool, but they should not be allowed  to use the code and then make a commercial tool out of it ;-)


regards

Johanna


On Wed, Oct 9, 2013 at 10:19 AM, Colin Watson <colin.watson at owasp.org> wrote:

Johanna



> previous project



Maybe just make up a different project name like "PCI Toolkit Project"?





> Based on the Open PCI DSS Scoping Toolkit Document






If you are referring to the toolkit document from the Open Scoping

Framework Corp, that document is licensed under a Creative

Attribution-NoDerivs 3.0 license. Will what you are proposing

contravene the "no derivative works" part?



Colin





On 7 October 2013 15:19, johanna curiel curiel <johanna.curiel at owasp.org> wrote:

> HI Leaders

>

> I saw that WhiteHat and Orbitz are or were(?) sponsors of this project

>

> If you are still interested in sponsoring, Tom Brennan has joined the

> project too & I will be programming the tool. It has been redefined as the

> following:

>

> The OWASP PCI toolkit is a group of new and existing OWASP tools &

> Documentation that will provide organizations full support for the PCI

> compliance process, from scoping to implementation.

>

> The Toolkit consist of:

>

> OWASP PCI Scope Assessment module (WPF .NET app) this tool will allow

> organizations to create a full assessment scope. Based on the Open PCI DSS

> Scoping Toolkit Document, the tool will allow organizations to create a

> total report assessment, by providing the user with a complete analysis

> mechanism to all (inserted) system components

>

> OWASP PCI assessment criteria module (WPF .NET app)once the scoping process

> has been finalized, the Assessment criteria toolkit will provide you with a

> complete analysis of the defined system components, based on the areas where

> the systems belong to. Example: A proxy server (Category 1) falls under the

> "Build and maintain a secure Network" requirements

>

> The tool will deliver also, clear links and resources of existing OWASP

> tools and Documentation while applying the PCI testing procedures.

>

> Technical Info

>

> The tool will be built as a WPF-.NET (c#) program

>

>

> For more info, please contact me

>

>

> Regards

>

>

> Johanna

>

>

>


> _______________________________________________

> OWASP-Leaders mailing list

> OWASP-Leaders at lists.owasp.org

> https://lists.owasp.org/mailman/listinfo/owasp-leaders

>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20131009/6444912e/attachment.html>


More information about the OWASP-Leaders mailing list