[Owasp-leaders] OWASP Appsec Standard

Mohamed Alfateh mohamed.alfateh at owasp.org
Wed Mar 25 20:23:54 UTC 2015


The idea is to give certificate upon compliance to standard requirement,
I don't think we need that extensive infrastructure, we may need to prepare
details for the auditing criteria,

For PCI, the council is responsible for releasing the standard and give the
certificate of compliance, the auditing itself is done through other
qualified entities,


On Wed, Mar 25, 2015 at 8:28 PM, Jim Manico <jim.manico at owasp.org> wrote:

> Certification? That requires extensive infrastructure and setup.
>
> Standard? Check out the OWASP ASVS Standard....
>
> Aloha,
> --
> Jim Manico
> @Manicode
> (808) 652-3805
>
> > On Mar 25, 2015, at 12:18 PM, Mohamed Alfateh <mohamed.alfateh at owasp.org>
> wrote:
> >
> > Dear all,
> >
> > I had conversation with one of our chapter members regarding the
> application security standards,
> > He asked me: why don't we have OWASP Appsec standard and certification
> similar to PA/DSS,
> > I think OWASP is more trusted when it comes to application security.
> OWASP already have many projects include information better than PA/DSS.
> Also, this could be good revenue source for OWASP,
> >
> > What do you think about this ?  ,
> >
> > --
> > Fateh
> > _______________________________________________
> > OWASP-Leaders mailing list
> > OWASP-Leaders at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20150325/02954094/attachment.html>


More information about the OWASP-Leaders mailing list