Monday, October 12, 2009

PCI Requires Developers Receive Training in Secure Coding Practices

Did you know that section 6.5.a of PCI requires that developers receive security specific training which incorporates security coding best practices such as those listed at OWASP?
6.5.a Obtain and review software development processes for any web-based applications. Verify that processes require training in secure coding techniques for developers, and are based on guidance such as the OWASP guide (
PCI v.1.2.1

On the note of PCI, be sure to check out last week's post on PCI Requirements Soon Change Per New OWASP Top 10.

-Michael Coates