[Owasp-topten] OWASP Top 10 2010

Boberski, Michael [USA] boberski_michael at bah.com
Thu Feb 18 08:25:50 EST 2010


Perhaps explore with him using ASVS for PCI, since now an actual standard exists?

Best,

Mike B.


________________________________
From: owasp-topten-bounces at lists.owasp.org [mailto:owasp-topten-bounces at lists.owasp.org] On Behalf Of Dave Wichers
Sent: Wednesday, February 17, 2010 8:44 PM
To: McGovern, James F. (P+C Technology)
Cc: OWASP TopTen
Subject: Re: [Owasp-topten] OWASP Top 10 2010

I can ask Bob Russo, who runs the PCI Council, and was my former boss, to do so :-)

From: owasp-topten-bounces at lists.owasp.org [mailto:owasp-topten-bounces at lists.owasp.org] On Behalf Of McGovern, James F. (P+C Technology)
Sent: Wednesday, February 17, 2010 11:13 AM
Cc: OWASP TopTen
Subject: Re: [Owasp-topten] OWASP Top 10 2010

Of course I have a secondary question on top of this. PCI states that one must stay current but how can we ask PCI to publish a note as a way to amplify once this is released?

________________________________
From: owasp-topten-bounces at lists.owasp.org [mailto:owasp-topten-bounces at lists.owasp.org] On Behalf Of Nishi Kumar
Sent: Wednesday, February 17, 2010 9:22 AM
To: dave.wichers at aspectsecurity.com; vanderaj at owasp.org; mike.boberski at gmail.com
Cc: OWASP TopTen
Subject: Re: [Owasp-topten] OWASP Top 10 2010
Hi Dave,

I have to give a presentation on OWASP Top 10 next week in Toronto. I was worndering if OWASP Top 10 for 2010 has been officially released after the community feedback. Is the OWASP Top 10 - 2010 rc1 on OWASP website is the officially released document?

OWASP Top 10 is requirement for PCI DSS and PA DSS. PCI DSS requirements 6.5.1 - 6.5.10 and PA-DSS requirements 5.2.1 - 5.2.10 is OWASP Top 10. My question is do you know when PCI is going to change their requirements document to have OWASP Top 10 for 2010 as their requirement?

Thanks
Nishi Kumar
OWASP CBT Project Lead
OWASP Education Committee
________________________________
Hotmail: Powerful Free email with security by Microsoft. Get it now.<http://clk.atdmt.com/GBL/go/201469230/direct/01/>

************************************************************

This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information.  If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited.  If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies.

************************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-topten/attachments/20100218/5be85b63/attachment-0001.html 


More information about the Owasp-topten mailing list