Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
AWS, Immutable Infrastructure, and PCI
Search
Philip Corliss
September 01, 2016
Programming
0
110
AWS, Immutable Infrastructure, and PCI
Philip Corliss
September 01, 2016
Tweet
Share
More Decks by Philip Corliss
See All by Philip Corliss
Building a Platform on AWS
pcorliss
1
120
Developer Happiness - Building Systems & Tools
pcorliss
0
95
xss
pcorliss
1
320
Other Decks in Programming
See All in Programming
Enabling DevOps and Team Topologies Through Architecture: Architecting for Fast Flow
cer
PRO
0
330
受け取る人から提供する人になるということ
little_rubyist
0
240
Jakarta EE meets AI
ivargrimstad
0
110
as(型アサーション)を書く前にできること
marokanatani
10
2.7k
ActiveSupport::Notifications supporting instrumentation of Rails apps with OpenTelemetry
ymtdzzz
1
240
初めてDefinitelyTypedにPRを出した話
syumai
0
420
ピラミッド、アイスクリームコーン、SMURF: 自動テストの最適バランスを求めて / Pyramid Ice-Cream-Cone and SMURF
twada
PRO
10
1.3k
ペアーズにおけるAmazon Bedrockを⽤いた障害対応⽀援 ⽣成AIツールの導⼊事例 @ 20241115配信AWSウェビナー登壇
fukubaka0825
6
2k
OnlineTestConf: Test Automation Friend or Foe
maaretp
0
110
Ethereum_.pdf
nekomatu
0
460
ヤプリ新卒SREの オンボーディング
masaki12
0
130
RubyLSPのマルチバイト文字対応
notfounds
0
120
Featured
See All Featured
Put a Button on it: Removing Barriers to Going Fast.
kastner
59
3.5k
Mobile First: as difficult as doing things right
swwweet
222
8.9k
A better future with KSS
kneath
238
17k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
126
18k
What's in a price? How to price your products and services
michaelherold
243
12k
10 Git Anti Patterns You Should be Aware of
lemiorhan
655
59k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
26
2.1k
Docker and Python
trallard
40
3.1k
Become a Pro
speakerdeck
PRO
25
5k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
26
1.4k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
44
6.8k
Navigating Team Friction
lara
183
14k
Transcript
AWS, IMMUTABLE INFRASTRUCTURE, AND PCI Slides: https://speakerdeck.com/pcorliss/
WHO IS THIS ? • Philip Corliss • @pcorliss (Gmail,
Twitter, Github) • Cheese Enthusiast • Engineering Manager • Braintree
BraintreePayments.com
Where We Were/Are • Physical Datacenters • Level 1 PCI
DSS Compliant Service Provider
AWS, The Natural Choice • PCI 1 Firewalls, VPCs •
PCI 9 Physical Access • PCI 10.1 Audibility
Immutable Infrastructure • PCI 6.1 Security Patches • PCI 11.5
File Integrity
Scoped Access • PCI 7 Restrict Access
CVVs • PCI 3.2 Do Not Store CVVs
Secrets & KMS
Greenfield Development
S3 Isn’t Near-Line Storage PCI 10.7 Retain audit trail history
for at least one year, with a minimum of three months immediately available for analysis (for example, online, archived, or restorable from backup).
VPCs • PCI 4: Encrypt Data Across Public Networks
Huge Wins
Evolving Platform
WHO’S THIS GUY? • Philip Corliss • @pcorliss (Gmail, Twitter,
Github) • Cheese Enthusiast • Engineering Manager • Braintree
pcorliss
cer
little_rubyist
ivargrimstad
marokanatani
ymtdzzz
syumai
twada
fukubaka0825
maaretp
nekomatu
masaki12
notfounds
kastner
swwweet
kneath
morganepeng
michaelherold
lemiorhan
marktimemedia
trallard
speakerdeck
bluesmoon
eileencodes
lara
