[Owasp-leaders] OWASP Appsec Standard

Colin Watson colin.watson at owasp.org
Wed Mar 25 20:29:11 UTC 2015


Mohamed

The PCI SSC do not give out certificates, to anyone. They are
responsible for maintaining and releasing PA-DSS, PCI DSS, and other
standards.

As Jim noted, the ASVS is perhaps closest to your requirement:

   https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project

Best regards

Colin



On 25 March 2015 at 20:23, Mohamed Alfateh <mohamed.alfateh at owasp.org> wrote:
> The idea is to give certificate upon compliance to standard requirement,
> I don't think we need that extensive infrastructure, we may need to prepare
> details for the auditing criteria,
>
> For PCI, the council is responsible for releasing the standard and give the
> certificate of compliance, the auditing itself is done through other
> qualified entities,
>
>
> On Wed, Mar 25, 2015 at 8:28 PM, Jim Manico <jim.manico at owasp.org> wrote:
>>
>> Certification? That requires extensive infrastructure and setup.
>>
>> Standard? Check out the OWASP ASVS Standard....
>>
>> Aloha,
>> --
>> Jim Manico
>> @Manicode
>> (808) 652-3805
>>
>> > On Mar 25, 2015, at 12:18 PM, Mohamed Alfateh
>> > <mohamed.alfateh at owasp.org> wrote:
>> >
>> > Dear all,
>> >
>> > I had conversation with one of our chapter members regarding the
>> > application security standards,
>> > He asked me: why don't we have OWASP Appsec standard and certification
>> > similar to PA/DSS,
>> > I think OWASP is more trusted when it comes to application security.
>> > OWASP already have many projects include information better than PA/DSS.
>> > Also, this could be good revenue source for OWASP,
>> >
>> > What do you think about this ?  ,
>> >
>> > --
>> > Fateh
>> > _______________________________________________
>> > OWASP-Leaders mailing list
>> > OWASP-Leaders at lists.owasp.org
>> > https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>


More information about the OWASP-Leaders mailing list