Upgrade to Pro — share decks privately, control downloads, hide ads and more …

AWS, Immutable Infrastructure, and PCI

Avatar for Philip Corliss Philip Corliss
September 01, 2016
Programming
0
110

AWS, Immutable Infrastructure, and PCI

Avatar for Philip Corliss

Philip Corliss

September 01, 2016
Tweet

More Decks by Philip Corliss

See All by Philip Corliss
Building a Platform on AWS
Avatar for Philip Corliss pcorliss
1
130
Developer Happiness - Building Systems & Tools
Avatar for Philip Corliss pcorliss
0
110
xss
Avatar for Philip Corliss pcorliss
1
340

Other Decks in Programming

See All in Programming
生成AI時代を勝ち抜くエンジニア組織マネジメント
Avatar for coconala_engineer coconala_engineer
0
26k
Deno Tunnel を使ってみた話
Avatar for すずとも kamekyame
0
260
Java 25, Nuevas características
Avatar for Carlos Zela Bueno czelabueno
0
120
Jetpack XR SDKから紐解くAndroid XR開発と技術選定のヒント / about-androidxr-and-jetpack-xr-sdk
Avatar for にー兄さん drumath2237
1
190
Findy AI+の開発、運用におけるMCP活用事例
Avatar for starfish719 starfish719
0
1.8k
Vibe codingでおすすめの言語と開発手法
Avatar for uyuki uyuki234
0
130
Giselleで作るAI QAアシスタント 〜 Pull Requestレビューに継続的QAを
Avatar for Tadashi Shigeoka codenote
0
300
愛される翻訳の秘訣
Avatar for Kishikawa Katsumi kishikawakatsumi
3
350
GISエンジニアから見たLINKSデータ
Avatar for nokonoko1203 nokonoko1203
0
190
組み合わせ爆発にのまれない - 責務分割 x テスト
Avatar for HAL halhorn
1
160
AIコーディングエージェント(Gemini)
Avatar for kondai kondai24
0
280
Combinatorial Interview Problems with Backtracking Solutions - From Imperative Procedural Programming to Declarative Functional Programming - Part 2
Avatar for Philip Schwarz philipschwarz
PRO
0
120

Featured

See All Featured
The Cult of Friendly URLs
Avatar for Andy Hume andyhume
79
6.7k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
Avatar for Marc Duiker marcduiker
35
2.3k
The Curse of the Amulet
Avatar for Matthew Lei leimatthew05
0
4.8k
Hiding What from Whom? A Critical Review of the History of Programming languages for Music
Avatar for Tomoya Matsuura tomoyanonymous
0
320
Into the Great Unknown - MozCon
Avatar for Noah Learner thekraken
40
2.2k
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
432
66k
The agentic SEO stack - context over prompts
Avatar for schlessera schlessera
0
570
Discover your Explorer Soul
Avatar for Emna emna__ayadi
2
1k
Faster Mobile Websites
Avatar for Dean Hume deanohume
310
31k
The browser strikes back
Avatar for Jono Alderson jonoalderson
0
220
Become a Pro
Avatar for Speaker Deck speakerdeck
PRO
31
5.7k
The Pragmatic Product Professional
Avatar for Laura Van Doore lauravandoore
37
7.1k

Transcript

  1. AWS, IMMUTABLE INFRASTRUCTURE, AND PCI
 Slides: https://speakerdeck.com/pcorliss/

  2. WHO IS THIS ? • Philip Corliss • @pcorliss (Gmail,

    Twitter, Github) • Cheese Enthusiast • Engineering Manager • Braintree

  3. BraintreePayments.com

  4. Where We Were/Are • Physical Datacenters • Level 1 PCI

    DSS Compliant Service Provider

  5. AWS, The Natural Choice • PCI 1 Firewalls, VPCs •

    PCI 9 Physical Access • PCI 10.1 Audibility

  6. Immutable Infrastructure • PCI 6.1 Security Patches • PCI 11.5

    File Integrity

  7. Scoped Access • PCI 7 Restrict Access

  8. CVVs • PCI 3.2 Do Not Store CVVs

  9. Secrets & KMS

  10. Greenfield Development

  11. S3 Isn’t Near-Line Storage PCI 10.7 Retain audit trail history

    for at least one year, with a minimum of three months immediately available for analysis (for example, online, archived, or restorable from backup).

  12. VPCs • PCI 4: Encrypt Data Across Public Networks

  13. Huge Wins

  14. Evolving Platform

  15. WHO’S THIS GUY? • Philip Corliss • @pcorliss (Gmail, Twitter,

    Github) • Cheese Enthusiast • Engineering Manager • Braintree