Upgrade to Pro — share decks privately, control downloads, hide ads and more …

AWS, Immutable Infrastructure, and PCI

Avatar for Philip Corliss Philip Corliss
September 01, 2016
Programming
0
110

AWS, Immutable Infrastructure, and PCI

Avatar for Philip Corliss

Philip Corliss

September 01, 2016
Tweet

More Decks by Philip Corliss

See All by Philip Corliss
Building a Platform on AWS
Avatar for Philip Corliss pcorliss
1
130
Developer Happiness - Building Systems & Tools
Avatar for Philip Corliss pcorliss
0
120
xss
Avatar for Philip Corliss pcorliss
1
340

Other Decks in Programming

See All in Programming
[KNOTS 2026登壇資料]AIで拡張‧交差する プロダクト開発のプロセス および携わるメンバーの役割
Avatar for hisatake hisatake
0
280
CSC307 Lecture 07
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
0
550
MUSUBIXとは
Avatar for Hisaho nahisaho
0
130
AI によるインシデント初動調査の自動化を行う AI インシデントコマンダーを作った話
Avatar for azukiazusa azukiazusa1
1
730
MDN Web Docs に日本語翻訳でコントリビュート
Avatar for uutan1108 ohmori_yusuke
0
650
SourceGeneratorのススメ
Avatar for tkym htkym
0
200
Best-Practices-for-Cortex-Analyst-and-AI-Agent
Avatar for ryotaro.ikeda@finatext.com ryotaroikeda
1
110
AI Schema Enrichment for your Oracle AI Database
Avatar for thatjeffsmith thatjeffsmith
0
280
CSC307 Lecture 01
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
0
690
AI & Enginnering
Avatar for codelynx codelynx
0
110
AIによるイベントストーミング図からのコード生成 / AI-powered code generation from Event Storming diagrams
Avatar for nrs nrslib
2
1.9k
コマンドとリード間の連携に対する脅威分析フレームワーク
Avatar for Aja9tochin pandayumi
1
450

Featured

See All Featured
Test your architecture with Archunit
Avatar for Yoan thirion
1
2.2k
How To Stay Up To Date on Web Technology
Avatar for Chris Coyier chriscoyier
791
250k
Technical Leadership for Architectural Decision Making
Avatar for Kenny Baas-Schwegler baasie
1
240
The B2B funnel & how to create a winning content strategy
Avatar for Katarina Dahlin katarinadahlin
PRO
1
270
Lightning Talk: Beautiful Slides for Beginners
Avatar for Ines Montani inesmontani
PRO
1
440
Dealing with People You Can't Stand - Big Design 2015
Avatar for Cassini Nazir cassininazir
367
27k
How STYLIGHT went responsive
Avatar for nonsquared nonsquared
100
6k
Ethics towards AI in product and experience design
Avatar for Skipper Chong Warson skipperchong
2
190
The agentic SEO stack - context over prompts
Avatar for schlessera schlessera
0
640
ReactJS: Keep Simple. Everything can be a component!
Avatar for Pedro Nauck pedronauck
666
130k
A Modern Web Designer's Workflow
Avatar for Chris Coyier chriscoyier
698
190k
How to Get Subject Matter Experts Bought In and Actively Contributing to SEO & PR Initiatives.
Avatar for Liv Day livdayseo
0
66

Transcript

  1. AWS, IMMUTABLE INFRASTRUCTURE, AND PCI
 Slides: https://speakerdeck.com/pcorliss/

  2. WHO IS THIS ? • Philip Corliss • @pcorliss (Gmail,

    Twitter, Github) • Cheese Enthusiast • Engineering Manager • Braintree

  3. BraintreePayments.com

  4. Where We Were/Are • Physical Datacenters • Level 1 PCI

    DSS Compliant Service Provider

  5. AWS, The Natural Choice • PCI 1 Firewalls, VPCs •

    PCI 9 Physical Access • PCI 10.1 Audibility

  6. Immutable Infrastructure • PCI 6.1 Security Patches • PCI 11.5

    File Integrity

  7. Scoped Access • PCI 7 Restrict Access

  8. CVVs • PCI 3.2 Do Not Store CVVs

  9. Secrets & KMS

  10. Greenfield Development

  11. S3 Isn’t Near-Line Storage PCI 10.7 Retain audit trail history

    for at least one year, with a minimum of three months immediately available for analysis (for example, online, archived, or restorable from backup).

  12. VPCs • PCI 4: Encrypt Data Across Public Networks

  13. Huge Wins

  14. Evolving Platform

  15. WHO’S THIS GUY? • Philip Corliss • @pcorliss (Gmail, Twitter,

    Github) • Cheese Enthusiast • Engineering Manager • Braintree