Compliance Isn’t the Enemy with Jeff Man


Is compliance just a checkbox, or the backbone of real security?

Returning to the show with decades of hard-earned insight, Jeff Man makes the case that compliance, especially PCI-DSS, isn't just a formality; it's foundational to modern security. As one of the original architects of the NSA Red Team and a 20-year PCI veteran, Jeff explains how this often-misunderstood framework has shaped everything from pen testing to vendor accountability.

Ron and Jeff unpack the six core goals of PCI, how red teams and SaaS builders are directly affected, and why many security teams resist compliance efforts, despite relying on them to get essential buy-in and funding.

Impactful Moments:

00:00 – Introduction
01:00 – Does compliance equal security?
02:09 – Jeff returns with PCI firepower
03:15 – Defining security vs. compliance
05:33 – “Show me what you’re doing”
06:45 – Six goals at PCI’s core
10:45 – Security is watching, not reacting
13:30 – Companies secure because they have to
15:00 – PCI gave red teams their jobs
16:30 – Stripe and Square absorb PCI burden
19:30 – PCI 4.0 causes confusion
21:00 – Vendors aren’t your trusted advisors
22:30 – “Hate me, but I’ll help”

Links:

Connect with our guest, Jeff Man: https://www.linkedin.com/in/jeffreyeman/

Check out our upcoming events: https://www.hackervalley.com/livestreams

Join our creative mastermind and stand out as a cybersecurity professional:

https://www.patreon.com/hackervalleystudio

Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com

Continue the conversation by joining our Discord: https://hackervalley.com/discord

Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

Episodes (389)

Episode 21 - Changing the AppSec Game with Tanya Janca


Notice something new? What better way to unveil the new podcast name, Hacker Valley Studio, than with an amazing guest: Tanya Janca. Tanya has made a huge impact on Application Security and on many other infosec domains. I'd highly recommend staying in touch with Tanya and following her work.

Tanya Janca:
https://twitter.com/shehackspurple
https://dev.to/shehackspurple
https://medium.com/@shehackspurple
https://www.youtube.com/shehackspurple
https://www.twitch.tv/shehackspurple
https://www.linkedin.com/in/tanya-janca

Security Sidekick:
https://securitysidekick.dev
https://twitter.com/SecSidekick
https://www.youtube.com/channel/UC3KyuI83jt0l14q8xyffC2A

WoSEC (Women of Security): https://twitter.com/WoSECtweets

#SecurityWin: https://twitter.com/shehackspurple/status/1183483366592503808

22 Oct 2019, 51 min

Episode 20 - Embracing the grind with Will Rankin


Episode 20 is here 🚨 In this special episode, Chris and Ron are joined by Security Imagineer Will Rankin. The group discusses personal strategies for embracing the grind and moving towards the next level. SecDevOps.AI would like to give a special thanks to Will for his appearance on this episode and all of his support promoting the platform.

3 Oct 2019, 29 min

Episode 19 - Dressed for Success in Cyber with Ashley Tolbert


In this episode, Ashley Tolbert joins Chris and Ron to discuss fashion in cybersecurity. Fashion tribes, attire, and style preferences are all points to consider when making an impression.

24 Sep 2019, 24 min

Episode 18 - Math for Security and Red Teaming with KMAP


From Security Architect to Principal Red Team Engineer, KMAP joins Chris and Ron to discuss his diverse background and how he plans to use discrete math and BloodHound to advance the capabilities of red teams.

5 Sep 2019, 25 min

Episode 17 - Undercover in the Criminal Underground with Charity Wright


New Episode Alert 🚨 In this episode, Chris and Ron are joined by Charity Wright, an exceptional Threat Intelligence Analyst focusing on criminal activity on the deep and dark web. Charity also shares insight on how she began her career in intelligence and infosec.

28 Aug 2019, 19 min

Episode 16 - Reading, Seeding, and Leading with Jonathan Wood


In this powerful episode, Jonathan Wood joins Chris and Ron and shares insight on growth - personal, professional, and sales. Jonathan has a diverse background in cybersecurity startups and is currently leading his 4th startup, TruStar Technologies, to success.

24 Aug 2019, 49 min

Episode 15 - Thrill of the Hunt: Finding your Path


In this episode, Chris and Ron learn about the impressive background of Kris Harms. Kris has a decorated career and extensive experience in intrusion detection, incident response, and threat hunting. He was an early member at both Mandiant and Cylance, which resulted in successful acquisitions.

21 Aug 2019, 30 min

Episode 14 - Quality Time with ITSP: A Podcaster's Podcast


In this episode, Ron and Chris are joined by Sean Martin and Marco Ciappelli from ITSPMagazine.com. Both sets of podcasters have ambitious goals to start unique conversations and bring more diversity to cybersecurity. Tune in and hear about the vision of both SecDevOps.AI and ITSP Magazine.

20 Aug 2019, 29 min
