Risk Assessments, Security, Cybersecurity, Hacker, Risk, RSP, hacking, pen testing

Tribe of Hackers - Red Teams & More

Online is proud to feature a chapter from Tribe of Hackers, written by Marcus J. Carey and Jennifer Jin. Our very own security expert Jeff Man shared many insights and stories in chapter 25 of this highly acclaimed book.

Jeffrey Man is a respected information security expert, advisor, evangelist, and co-host of the security podcast Security Weekly. He has more than 35 years of experience in all aspects of computer, network, and information security. Jeffrey has held various information security roles within the DoD as well as private sector enterprises, is a former PCI QSA, and was part of the first penetration testing red team at the NSA.

Read More
By Jeff Man on Aug 29, 2019 5:50:02 PM
Security, PCI, InfoSec, DSS, Payment Gateway, credit cards, debit cards, IDS/IPS, CDE

PCI DSS: When to Test Controls & Functions

Although 2019 promises a new version of the Payment Card Industry Data Security Standard (PCI DSS) the current version 3.2.1 is the de facto standard for measuring security programs for all merchants and service providers that participate in commerce using credit or debit cards.

There are twelve major requirements in the PCI DSS, and considering the complexity of the material we have chosen to dedicate individual blogs to the different requirements. The focus of these blogs will be to provide tips and pointers, help provide clarity for “what’s new” and to enhance understanding so that your organization can achieve a sustainable security posture that easily satisfies the requirements of the PCI DSS.

Read More
By Jeff Man on Jan 3, 2019 4:51:51 PM
Security, HP, Printer, SimonShiu, SecurityLab, End-Point, NetworkSecurity, Malware, BlackHat2018, JetAdvantage, HPComputers, ConnectionInspector, DoD, NSA, cryptographer

Who Thinks of HP for End-Point Security?

Honestly, that was my first thought when I started looking at the marketing material HP had put together for Black Hat 2018 this year.

HP has been promoting its efforts to provide security to its enterprise printers for the past couple of years and has done a great job at offering secure solution. They have even involved the security research community by introducing a first-of-its kind enterprise printer bug bounty program. 

But end-point security? HP makes printers. What do they know about protecting end-points like desktops or laptops?

Read More
By Jeff Man on Nov 7, 2018 1:50:00 PM
Security, HPComputers, PrinterSecurity, ReinventSecurity, Cybersecurity, TechDay, #BugCrowd, #BugBounty, #TheFixer

HP Continues to Demonstrate its Commitment to Printer Security

In August 2018, Onliner Jeff Man attended the Black Hat Conference in Las Vegas, Nevada. While at Black Hat Jeff had the opportunity to connect with the team from HP and discuss the importance, and changing landscape of printer security.
 

In early 2017, HP invited a group of cybersecurity industry bloggers and podcasters to gather for an HP Print Security “Tech Day” at their headquarters in Palo Alto, CA. The purpose of the gathering was to introduce the group to HP’s printer security program (#reinventsecurity), foster discussion, and get feedback on the program. This event was the precursor to a major marketing campaign for HP to promote everything they’ve been doing in terms of making their printers more secure and also building printers with “cyber resilience”, meaning they have the capacity to detect malicious or accidental actions and even recover from the attacks. HP has worked diligently to improve the security of printers which in turn helps to create a more secure enterprise network.

Read More
By Jeff Man on Sep 20, 2018 3:57:53 PM