OWASP PCI Project - Roadmap


 * Initially, by building auditor and management tools, check-lists, and leading community discussion on a industry accepted approach to applying the PCI Application Security standards, and ensuring security through compliance related initiatives.


 * Longer term initiatives will migrate away from PCI focused activities into broader regulatory needs. By focusing less on specific data sets (such as cardholder data in PCI), and more intently managing risk to whatever information assets are stored, processed, or transmitted by the website software - the security strategies taking root in this program will effectively map to any future regulatory security requirements placed upon websites.