Schellman listed as one of the first PCI Software Security Framework Assessors

Jacob Ansari

Recently, Schellman & Company has become one of the first firms in the industry to offer PCI Software Security Framework (SSF) assessments as a Secure Software and a Secure SLC Assessor. As the newest application security framework published by the PCI SSC, the SSF provides an objectives-based approach to assessing the design, development, testing, and maintenance of software that handles payment card data.

The framework itself contains two standards:

The Secure Software Lifecycle Standard – An interview and document-based assessment that focuses on software development and security practices.
The Secure Software Standard – Application security testing by the assessor that requires code reviews, forensic analysis, and the use of static and dynamic code analysis tools.

PCI practice director Jacob Ansari says,

“After working with the PCI SSC for several years to help develop this framework, we’re happy to see the framework fully realized and look forward to working with our clients to comply with these standards.”

For information about the PCI SSF, please contact pci@schellman.com.

About the Author

Jacob Ansari is a Senior Manager at Schellman & Company. Jacob performs and manages PCI DSS assessments. Additionally, Jacob oversees other Payment Card Industry assessment services, namely PA-DSS, P2PE, and 3DS. Jacob's career spans nearly 20 years of information security consulting and assessment services, including network and application security assessments, penetration testing, forensic examinations, security code review, and assessment of cryptographic systems. Jacob has performed payment card security compliance assessments since the payment card brands operated their own standards prior to the advent of PCI DSS.
More Content by Jacob Ansari

Return to Home

Welcome to our Hub

Schellman listed as one of the first PCI Software Security Framework Assessors

About the Author

Previous Article

Next Article

Schellman listed as one of the first PCI Software Security Framework Assessors

About the Author

Previous Article

Next Article

Most Recent Articles

Schellman's Misty Jacusis shares her breast cancer diagnosis and treatment story in honor of Breast Cancer Awareness Month

Schellman Principal Doug Kanney highlights the importance of HIPAA compliance for Business Associates, whose handling of lucrative data makes them prime cyberhacking targets.

Schellman's Justin Molinari brings attention to the importance of breaking stigmas and building supportive, inclusive communities for those with DS, in honor of Down Syndrome Awareness Month

Hiring of minorities in the accounting industry remains inexcusably low. Schellman President Avani Desai shares practices that can be implemented for instilling effective workplace diversity

Schellman Principal Doug Kanney provides an overview of the ONC/OCR SRA tool which by design helps organizations navigate the HIPAA risk analysis process.

In honor of Hispanic Heritage Month, Schellman's Jose Laureano shares the story of his grandmother Ana, a guiding force whose perseverance and wisdom shaped the person, and professional, he is today

No matter our location, Schellman team members come together or rearrange to achieve the unified goal of providing quality work. Does this liken us to Transformers? Edward Delgado shares insights

Schellman's Carrie Davis shares McKinley's childhood cancer story and how her journey inspired the Love McKinley organization

Schellman watches closely for the outcome of the first significant enforcement action by the NYDFS under 23 NYCRR Part 500.

In Part 2 of our EnergyTech series, Schellman's Grayson Taylor discusses the proactive approaches energy services entities (ESEs) are taking to manage cybersecurity risk and data protection.

Schellman's John Bullinger shares his experiences and best practices for conducting penetration testing from both sides of the coin: as that of a CSO and as a penetration tester.

Moving an organization’s management system certificate freely from vendor to vendor is a process made fairly simple by ISO and IAF

Schellman's Nikita Patel shares her incredible transplant journey story, in honor of National Minority Donor Awareness Month.

Breakthroughs in technology continue to be at the forefront in 2020. Schellman President Avani Desai shares tech trends that have emerged that will have a lasting impact on our future.

August is National Wellness Month and Schellman's Eric Aulbach discusses the importance of making yours, and your loved ones' health, a top priority.

Schellman principal and threat & vulnerability assessment lead Matt Wilgus comments on how authentication and cloud security standards have changed with the increase of remote workers due to COVID-19

Schellman's Karen Greene shares how her family, inspired by a trip to see the musical Hamilton, decided to embrace history during the unprecedented summer of 2020.

Schellman's Grayson Taylor shares an overview of the new mapping of NERC CIP Reliability Standards to NIST Cybersecurity Framework CSF

The secret to a flawless, stress-free SOC examination experience? Utilizing your company's internal audit team. Schellman's Edward Delgado provides an overview of this invaluable resource.

Cyber-attacks are increasing in frequency and magnitude, and the utilities sector is not immune. In part 1 of our EnergyTech series, we explore how the industry could benefit from cloud computing.