Upgrade to Pro — share decks privately, control downloads, hide ads and more …

AWS, Immutable Infrastructure, and PCI

Avatar for Philip Corliss Philip Corliss
September 01, 2016
Programming
0
110

AWS, Immutable Infrastructure, and PCI

Avatar for Philip Corliss

Philip Corliss

September 01, 2016
Tweet

More Decks by Philip Corliss

See All by Philip Corliss
Building a Platform on AWS
Avatar for Philip Corliss pcorliss
1
120
Developer Happiness - Building Systems & Tools
Avatar for Philip Corliss pcorliss
0
110
xss
Avatar for Philip Corliss pcorliss
1
340

Other Decks in Programming

See All in Programming
株式会社 Sun terras カンパニーデック
Avatar for Sun terras.Inc sunterras
0
230
CSC509 Lecture 01
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
1
430
Back to the Future: Let me tell you about the ACP protocol
Avatar for Benedikt Terhechte terhechte
0
130
AIで開発生産性を上げる個人とチームの取り組み
Avatar for TaniiGo taniigo
0
130
タスクの特性や不確実性に応じた最適な作業スタイルの選択(ペアプロ・モブプロ・ソロプロ)と実践 / Optimal Work Style Selection: Pair, Mob, or Solo Programming.
Avatar for yuki honyanya
3
140
デミカツ切り抜きで面倒くさいことはPythonにやらせよう
Avatar for aokirishima aokswork3
0
190
Model Pollution
Avatar for Henning Schwentner hschwentner
1
180
CSC305 Lecture 02
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
1
260
猫と暮らすネットワークカメラ生活🐈 ~Vision frameworkでペットを愛でよう~ / iOSDC Japan 2025
Avatar for Yutaro Muta yutailang0119
0
220
実践AIチャットボットUI実装入門
Avatar for syumai syumai
7
2.5k
uniqueパッケージの内部実装を支えるweak pointerの話
Avatar for magavel magavel
0
920
Go言語の特性を活かした公式MCP SDKの設計
Avatar for hond hond0413
1
180

Featured

See All Featured
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
Avatar for Tammy Everts tammyeverts
54
3k
Code Review Best Practice
Avatar for Trisha Gee trishagee
72
19k
The World Runs on Bad Software
Avatar for Brandon Keepers bkeepers
PRO
71
11k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
Avatar for Michelle Schulp Hunt marktimemedia
31
2.5k
Writing Fast Ruby
Avatar for Erik Berlin sferik
629
62k
Improving Core Web Vitals using Speculation Rules API
Avatar for Sergey Chernyshev sergeychernyshev
19
1.2k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
Avatar for Eileen M. Uchitelle eileencodes
140
34k
Producing Creativity
Avatar for Steve Smith orderedlist
PRO
347
40k
Helping Users Find Their Own Way: Creating Modern Search Experiences
Avatar for Dan Newman danielanewman
30
2.9k
The Straight Up "How To Draw Better" Workshop
Avatar for Dennis Kardys denniskardys
237
140k
The Web Performance Landscape in 2024 [PerfNow 2024]
Avatar for Tammy Everts tammyeverts
9
850
A designer walks into a library…
Avatar for Paul Jervis Heath pauljervisheath
209
24k

Transcript

  1. AWS, IMMUTABLE INFRASTRUCTURE, AND PCI
 Slides: https://speakerdeck.com/pcorliss/

  2. WHO IS THIS ? • Philip Corliss • @pcorliss (Gmail,

    Twitter, Github) • Cheese Enthusiast • Engineering Manager • Braintree

  3. BraintreePayments.com

  4. Where We Were/Are • Physical Datacenters • Level 1 PCI

    DSS Compliant Service Provider

  5. AWS, The Natural Choice • PCI 1 Firewalls, VPCs •

    PCI 9 Physical Access • PCI 10.1 Audibility

  6. Immutable Infrastructure • PCI 6.1 Security Patches • PCI 11.5

    File Integrity

  7. Scoped Access • PCI 7 Restrict Access

  8. CVVs • PCI 3.2 Do Not Store CVVs

  9. Secrets & KMS

  10. Greenfield Development

  11. S3 Isn’t Near-Line Storage PCI 10.7 Retain audit trail history

    for at least one year, with a minimum of three months immediately available for analysis (for example, online, archived, or restorable from backup).

  12. VPCs • PCI 4: Encrypt Data Across Public Networks

  13. Huge Wins

  14. Evolving Platform

  15. WHO’S THIS GUY? • Philip Corliss • @pcorliss (Gmail, Twitter,

    Github) • Cheese Enthusiast • Engineering Manager • Braintree