Jeff Man, Recap of RSAC – Paul’s Security Weekly #557

This week in the Topic Segment, our very own Jeff Man gives us a recap on the 2018 RSA Conference! He discusses HackerOne CEO talking Bug Bounty programs, DevSecOps day at RSA demonstrates how the thinking around secure software has evolved, if it’s ti…

PCI Council Loses $600K in Revenue, PO Population on the Decline

Last year I released a blog post and a GitHub repository with some code to calculate how much money the PCI Council brings in annually, with an estimation of lifetime revenue. There are some MAJOR assumptions in there that can swing the revenue in eith…

Payment Gateways – What Are the Risks Lurking Around?

Online businesses of all sizes need to be able to accept payments today. This really is the only way in which you can buy and sell products and services without a physical presence. It’s convenient and economical but there are also some risks ass…

Post-Webinar Recap: Compliance in the Cloud in 2018

Once thought of as speed bumps in the path to deployment, security and compliance are now seen as critical ingredients that help organizations differentiate their offerings in the market, win more deals, and achieve mission-critical goals faster. We ho…

How PCI/DSS Compliance Can Protect Your Systems against New Ransomware Threats

Two significant ransomware attacks occurred in the first half of 2017. The first outbreak took place on May 12, 2017, when WannaCry leveraged a known Windows exploit to infect hundreds of thousands of vulnerable computers around the world, including 34…

A Guide to PCI DSS Merchant Levels and Penetration Testing

In order to distinguish the sizes of merchant companies and appropriately determine the level of testing required, the founding credit card companies created four different brackets ranging from Tier 1 to 4. Each tier is based on the number of transact…

Simplifying PCI DSS 3.2 Compliance with Preempt

If your organization handles credit cards, you are no doubt familiar with the Payment Card Industry Data Security Standard (PCI DSS) compliance. PCI DSS is a set of requirements and procedures that have been established in order to strengthen se…

Are You PCI Curious? A Short History and Beginner’s Guide

When I was a kid and we would go out to dinner, my dad would often pay using a credit card. The server would come over with an awkward, clunky device, put the credit card in it, and scan the card. By scan, I mean make an impression of the numbers on a …