[Owasp-standards] Introduction to the list

owasp-standards-admin at lists.sourceforge.net owasp-standards-admin at lists.sourceforge.net
Mon Nov 21 14:08:15 EST 2005


Hello, and welcome to the OWASP PCI-WASS list.
 An introduction to the project, supporting downloads, and other information
is available at http://www.owasp.org/standards/pci-wass.html
 Just for completeness though, the goal of the project is as follow...

The PCI-WASS, or Payment Card Industry Web Application Security Standards
project aims at creating a *proposed* set of minimum requirements a web
application must exhibit if it processes credit card information. There
currently exists such a security standards focused at the network level in
the Cardholder Information Security
Program<http://usa.visa.com/business/accepting_visa/ops_risk_management/cisp.html>.
However, this standard does not address web applications and their security.

Instead of proposing goals like "ensure the application is protected against
the OWASP Top Ten", we plan to develop *specific, testable* criteria that
can stand-alone or be integrated into existing security standards like CISP.

A strawman set of requirements to get us started is available linked off the
main project page (see there for the latest version). Comments, feedback and
other ideas are welcome.
 Thanks for participating,
 Mike Andrews.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.owasp.org/pipermail/owasp-standards/attachments/20051121/0034ae70/attachment.html 


More information about the Owasp-standards mailing list