After 156 votes, only 13% have indicated that they don’t need to train their devs about #PCI. As a community, if we hate #compliance mandates so much, why do we need to mention them to get our #swsec stuff done? How effective are we being then? cc: @cigitalgem @bilcorry
1/8 Now that the poll has closed, I'd like to disclose that I'm with the minority (No) on this one. Rationale summarized in this thread 👇 #pci #training #appsec #swsec cc: @shehackspurple @bilcorry @robertauger @cigitalgem
The irony is PCI requires devs be trained annually regarding secure coding. There is NO requirement to train them on “PCI”.

Apr 7, 2021 · 10:09 PM UTC

Yep! Lots of mis-information about compliance mandates and a lot of mis-use of compliance (as a stick) as well.
Replying to @gadgetsquirrel
1/2 Yes, my real question is, technically even though there is no need to mention the acronym “PCI” in order to be compliant to 6.5, how many folks in the real world actually feel the need to do it?
lspci -vvv and you're done, right? 🤪