[PCI DSS 1.x] 6.5 Develop all web applications based on secure coding guidelines. such as the Open Web Application

6.5.a Obtain and review software development processes for any web-based applications. Verify that processes require training in secure coding techniques for developers, and are based on guidance such as the OWASP Guidelines (http://www.owasp.org)

6.5.b For any web-based applications, verify that processes are in place to confirm that web applications are not vulnerable to the following

Quick question on this requirement, the version of the PCI DSS I’m looking at (Version 2.0 from October 2010) just says “develop applications” not web applications. Is mine old or is it broader now than what the statement above has?