Upgrade to Pro — share decks privately, control downloads, hide ads and more …

AWS, Immutable Infrastructure, and PCI

Avatar for Philip Corliss Philip Corliss
September 01, 2016
Programming
0
110

AWS, Immutable Infrastructure, and PCI

Avatar for Philip Corliss

Philip Corliss

September 01, 2016
Tweet

More Decks by Philip Corliss

See All by Philip Corliss
Building a Platform on AWS
Avatar for Philip Corliss pcorliss
1
120
Developer Happiness - Building Systems & Tools
Avatar for Philip Corliss pcorliss
0
100
xss
Avatar for Philip Corliss pcorliss
1
330

Other Decks in Programming

See All in Programming
実践ArchUnit ~実例による検証パターンの紹介~
Avatar for 荻原利雄 ogiwarat
2
270
SODA - FACT BOOK
Avatar for SODA inc. sodainc
1
1.1k
WindowInsetsだってテストしたい
Avatar for RyuNen344 ryunen344
1
190
来たるべき 8.0 に備えて React 19 新機能と React Router 固有機能の取捨選択とすり合わせを考える
Avatar for Yuka O’oka oukayuka
2
800
コード書くの好きな人向けAIコーディング活用tips #orestudy
Avatar for Hiromi Hishida 77web
3
320
技術懸念に立ち向かい 法改正を穏便に乗り切った話
Avatar for popCashew pop_cashew
0
1.5k
AIコーディング道場勉強会#2 君(エンジニア)たちはどう生きるか
Avatar for misaki.otb misakiotb
1
230
Go Modules: From Basics to Beyond / Go Modulesの基本とその先へ
Avatar for kuro kuro_kurorrr
0
120
Spring gRPC で始める gRPC 入門 / Introduction to gRPC with Spring gRPC
Avatar for mackey0225 mackey0225
2
510
関数型まつりレポート for JuliaTokai #22
Avatar for GOTOH Shunsuke antimon2
0
130
F#で自在につくる静的ブログサイト - 関数型まつり2025
Avatar for pizzacat83 pizzacat83
0
310
Java on Azure で LangGraph!
Avatar for Kohei Saito kohei3110
0
150

Featured

See All Featured
A Tale of Four Properties
Avatar for Chris Coyier chriscoyier
159
23k
Bash Introduction
Avatar for André Augusto Costa Santos 62gerente
614
210k
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
367
19k
Done Done
Avatar for chrislema chrislema
184
16k
Learning to Love Humans: Emotional Interface Design
Avatar for Aarron Walter aarron
273
40k
How to Think Like a Performance Engineer
Avatar for Harry Roberts csswizardry
24
1.7k
Docker and Python
Avatar for Tania Allard trallard
44
3.4k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
Avatar for Tammy Everts tammyeverts
52
2.8k
Code Reviewing Like a Champion
Avatar for maltzj maltzj
524
40k
Code Review Best Practice
Avatar for Trisha Gee trishagee
68
18k
The Invisible Side of Design
Avatar for Vitaly Friedman smashingmag
299
51k
[RailsConf 2023] Rails as a piece of cake
Avatar for Vladimir Dementyev palkan
55
5.6k

Transcript

  1. AWS, IMMUTABLE INFRASTRUCTURE, AND PCI
 Slides: https://speakerdeck.com/pcorliss/

  2. WHO IS THIS ? • Philip Corliss • @pcorliss (Gmail,

    Twitter, Github) • Cheese Enthusiast • Engineering Manager • Braintree

  3. BraintreePayments.com

  4. Where We Were/Are • Physical Datacenters • Level 1 PCI

    DSS Compliant Service Provider

  5. AWS, The Natural Choice • PCI 1 Firewalls, VPCs •

    PCI 9 Physical Access • PCI 10.1 Audibility

  6. Immutable Infrastructure • PCI 6.1 Security Patches • PCI 11.5

    File Integrity

  7. Scoped Access • PCI 7 Restrict Access

  8. CVVs • PCI 3.2 Do Not Store CVVs

  9. Secrets & KMS

  10. Greenfield Development

  11. S3 Isn’t Near-Line Storage PCI 10.7 Retain audit trail history

    for at least one year, with a minimum of three months immediately available for analysis (for example, online, archived, or restorable from backup).

  12. VPCs • PCI 4: Encrypt Data Across Public Networks

  13. Huge Wins

  14. Evolving Platform

  15. WHO’S THIS GUY? • Philip Corliss • @pcorliss (Gmail, Twitter,

    Github) • Cheese Enthusiast • Engineering Manager • Braintree