Secure Coding mailing list archives
PCI: Boon or bust for software security?
From: ken at krvw.com (Kenneth Van Wyk)
Date: Mon, 3 Mar 2008 16:39:39 -0500
Greetings SC-L, So here's a question to ponder. Now that PCI DSS 1.1 is out there (save a couple June 2008 deadlines still looming), has it been good or bad for software security as a whole? It does require secure development processes (as prescribed by OWASP). It does require sensitive cardholder data to be encrypted at rest and in transit. Has it improved the overall state of affairs, worsened it, or have things pretty much remained the same. Cheers, Ken ----- Kenneth R. van Wyk SC-L Moderator KRvW Associates, LLC http://www.KRvW.com -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2500 bytes Desc: not available Url : http://krvw.com/pipermail/sc-l/attachments/20080303/0a939fd4/attachment.bin
Current thread:
- PCI: Boon or bust for software security? Kenneth Van Wyk (Mar 03)
- PCI: Boon or bust for software security? Bruce Ediger (Mar 03)
- PCI: Boon or bust for software security? Andy Murren (Mar 04)
- PCI: Boon or bust for software security? Benjamin Tomhave (Mar 04)
- PCI: Boon or bust for software security? Andy Murren (Mar 04)
- PCI: Boon or bust for software security? Bruce Ediger (Mar 03)