Jacob Ansari

Jacob Ansari is a Senior Manager at Schellman & Company. Jacob performs and manages PCI DSS assessments. Additionally, Jacob oversees other Payment Card Industry assessment services, namely PA-DSS, P2PE, and 3DS. Jacob's career spans nearly 20 years of information security consulting and assessment services, including network and application security assessments, penetration testing, forensic examinations, security code review, and assessment of cryptographic systems. Jacob has performed payment card security compliance assessments since the payment card brands operated their own standards prior to the advent of PCI DSS.

  • Verizon Releases 2019 Payment Security Report (PSR)

    Verizon Releases 2019 Payment Security Report (PSR)

    Verizon has released its 2019 Payment Security Report (PSR). For the first time they have worked with other entities as contributors and Schellman was one of the first five entities who contributed.

    Read Article
  • Schellman Becomes PCI Qualified PIN Assessor

    Schellman Becomes PCI Qualified PIN Assessor

    Schellman & Company has become a Qualified PIN Assessor (QPA) for the PCI PIN Security Program.

    Read Article
  • Passwords: A Game of Pwns - A Hash of Kings

    Passwords: A Game of Pwns - A Hash of Kings

    Apparently, someone put World Password Day (May 2) just before Star Wars Day (May 4) and while the most hotly anticipated final season on TV is airing (“Game of Thrones”). This seems...

    Read Article
  • The 11 Biggest Issues IT Faces Today

    The 11 Biggest Issues IT Faces Today

    From securing IoT to retraining IT talent to finding new revenue streams, CIOs have more than their share of concerns keeping them up at night. Each year we talk with tech leaders...

    Read Article
  • Supply and Demand (for security)

    Supply and Demand (for security)

    2018 was the year that raised the alarm in earnest about potential vulnerabilities in the supply chain for enterprise computing systems.But with such diverse networks and widespread...

    Read Article
  • EFAIL - They weren't kidding about the pretty good part

    EFAIL - They weren't kidding about the pretty good part

    Read Article
  • Schellman Joins PCI 3DS Assessors

    Schellman Joins PCI 3DS Assessors

    Schellman & Company, LLC, a leading provider of attestation and compliance services, has become an assessor in the PCI Security Standards Council’s new 3-D Secure (3DS) program, and can...

    Read Article
  • Payment Security Insights

    Payment Security Insights

    There are some important PCI DSS deadlines coming up. Let’s start with the SSL/early TLS migration. Why is it important for organizations to migrate away from SSL/TLS?

    Read Article
  • Malware in 2017: The More Things Change

    Malware in 2017: The More Things Change

    This article discusses ransomware and looks briefly at malware affecting point-of-sale (POS) systems, considering attack vectors and relevant defenses. It also touches on some of the...

    Read Article
  • Ransomware Eating the NHS

    Ransomware Eating the NHS

    On Friday, May 12, a number of National Health Service (NHS) facilities in the UK reported that their computers suffered a ransomware attack, and started causing a significant impact on...

    Read Article
  • New Strain of Linux Malware Could Get Serious

    New Strain of Linux Malware Could Get Serious

    A new strain of malware targeting Linux systems, dubbed "Linux/Shishiga," could morph into a dangerous security threat.

    Read Article
  • New Strain of Linux Malware Could Get Serious

    New Strain of Linux Malware Could Get Serious

    A new strain of malware targeting Linux systems, dubbed "Linux/Shishiga," could morph into a dangerous security threat.

    Read Article
  • The Dyn Outage and Mirai Botnet: Using Yesterday’s Vulnerabilities to Attack Tomorrow’s Devices Today

    The Dyn Outage and Mirai Botnet: Using Yesterday’s Vulnerabilities to Attack Tomorrow’s Devices Today

    On October 21st, Dyn, a provider of domain name services (DNS), an essential function of the Internet that translates names like www.schellmanco.com to its numerical IP address, went...

    Read Article
  • Happy birthday to… wait, who’s this guy?

    Happy birthday to… wait, who’s this guy?

    Originally published by the Cloud Security Alliance: blog.cloudsecurityalliance.org How many arbitrary people do you have to get into a room before two of them share the same birthday?...

    Read Article
  • To the Man Who Has But a Rowhammer

    To the Man Who Has But a Rowhammer

    In 2014, researchers with Carnegie Mellon University and Intel discovered a potential attack against computer memory, one that attacked the electrical properties of the hardware rather...

    Read Article
  • 5 Questions with Community Speaker - Jacob Ansari

    5 Questions with Community Speaker - Jacob Ansari

    Originally published at blog.pcisecuritystandards.org In this post, we get insights from Jacob Ansari, Manager at Schellman & Company, LLC He will present“Hunting Paper Tigers: A...

    Read Article
  • A Game of Pwns: A Storm of (Pas)swords

    A Game of Pwns: A Storm of (Pas)swords

    Despite their perpetual status as old news, passwords and their security weaknesses continue to make headlines and disrupt security in ever-expanding ways, and the usual advice about better...

    Read Article
  • Infosec Trends in 2016

    Infosec Trends in 2016

    A new year invariably brings new resolutions, reflections, and predictions, and we are no different in our look at information security for 2016. Here are some things to consider and our predictions.

    Read Article
  • Between SSL-cylla and Charib-TLS

    Between SSL-cylla and Charib-TLS

    (Odysseus in Front of Scylla and Charybdis, Henry Fuseli Source: Wikipedia) Securing encrypted Internet traffic transmissions, such as those between web browsers and web servers, is decidedly not...

    Read Article
  • PCI SSC Updates Deadline to Remove SSL 3.0 and Early TLS

    PCI SSC Updates Deadline to Remove SSL 3.0 and Early TLS

    Today, the PCI SSC announced an update to the deadlines to remove insecure cryptographic protocols, namely SSL and early TLS (i.e., TLS 1.0). The original publication required disabling these...

    Read Article
  • loading
    Loading More...