User:Selcouth69

I have been working in the payments industry for more than 30 years. I have seen many standards, approaches and security philosophies come and go. I am an firm believer in the protection of consumer and business data, and am looking for the best ways to improve the security of the payments company start-up of which I am now an officer - and a developer and administrator.

Currently, I am also an application administrator for an payments application running on the HPE NonStop Blades platform, for a major petrol/convenience store chain in the US. We process approximately 2-3 million transactions per day. We recently went through an exhaustive, weeks-long audit of our PCI/PII-sensitive data handling. We passed this audit with only a few, minor gaps.

I became aware of OWASP through a recent training course required of consultants such as myself by the petrol/C-store client. Although it provided only a cursory overview of the OWASP Top 10 vulnerabilities, it was quite an eye opener. In become an account-holder with OWASP I hope to learn as much as I can about security for online, web-based applications and perhaps even contribute in my own small way.