Upgrade to Pro — share decks privately, control downloads, hide ads and more …

AWS, Immutable Infrastructure, and PCI

Avatar for Philip Corliss Philip Corliss
September 01, 2016
Programming
0
110

AWS, Immutable Infrastructure, and PCI

Avatar for Philip Corliss

Philip Corliss

September 01, 2016
Tweet

More Decks by Philip Corliss

See All by Philip Corliss
Building a Platform on AWS
Avatar for Philip Corliss pcorliss
1
130
Developer Happiness - Building Systems & Tools
Avatar for Philip Corliss pcorliss
0
120
xss
Avatar for Philip Corliss pcorliss
1
340

Other Decks in Programming

See All in Programming
並行開発のためのコードレビュー
Avatar for Miyuki miyukiw
0
170
AgentCoreとHuman in the Loop
Avatar for Har1101 har1101
5
240
AI Agent の開発と運用を支える Durable Execution #AgentsInProd
Avatar for izumin5210 izumin5210
7
2.3k
Automatic Grammar Agreementと Markdown Extended Attributes
について
Avatar for Kishikawa Katsumi kishikawakatsumi
0
190
LLM Observabilityによる 対話型音声AIアプリケーションの安定運用
Avatar for Hiroyuki Moriya gekko0114
2
430
CSC307 Lecture 03
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
1
490
OCaml 5でモダンな並列プログラミングを Enjoyしよう!
Avatar for Haochen Kotoi-Xie haochenx
0
140
IFSによる形状設計/デモシーンの魅力 @ 慶應大学SFC
Avatar for がむ gam0022
1
300
【卒業研究】会話ログ分析によるユーザーごとの関心に応じた話題提案手法
Avatar for MomokoShirakawa momok47
0
200
CSC307 Lecture 06
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
0
690
20260127_試行錯誤の結晶を1冊に。著者が解説 先輩データサイエンティストからの指南書 / author's_commentary_ds_instructions_guide
Avatar for nash_efp nash_efp
1
970
今こそ知るべき耐量子計算機暗号(PQC)入門 / PQC: What You Need to Know Now
Avatar for mackey0225 mackey0225
3
380

Featured

See All Featured
Redefining SEO in the New Era of Traffic Generation
Avatar for Szymon szymonslowik
1
210
Improving Core Web Vitals using Speculation Rules API
Avatar for Sergey Chernyshev sergeychernyshev
21
1.4k
4 Signs Your Business is Dying
Avatar for Josh Pigford shpigford
187
22k
Designing Dashboards & Data Visualisations in Web Apps
Avatar for Des Traynor destraynor
231
54k
How to build a perfect <img>
Avatar for Jono Alderson jonoalderson
1
4.9k
Heart Work Chapter 1 - Part 1
Avatar for Lake Fama lfama
PRO
5
35k
How to make the Groovebox
Avatar for あそなす asonas
2
1.9k
Code Reviewing Like a Champion
Avatar for maltzj maltzj
527
40k
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
55
9.5k
How to Build an AI Search Optimization Roadmap - Criteria and Steps to Take #SEOIRL
Avatar for Aleyda Solis aleyda
1
1.9k
[SF Ruby Conf 2025] Rails X
Avatar for Vladimir Dementyev palkan
1
750
Designing for Timeless Needs
Avatar for Cassini Nazir cassininazir
0
130

Transcript

  1. AWS, IMMUTABLE INFRASTRUCTURE, AND PCI
 Slides: https://speakerdeck.com/pcorliss/

  2. WHO IS THIS ? • Philip Corliss • @pcorliss (Gmail,

    Twitter, Github) • Cheese Enthusiast • Engineering Manager • Braintree

  3. BraintreePayments.com

  4. Where We Were/Are • Physical Datacenters • Level 1 PCI

    DSS Compliant Service Provider

  5. AWS, The Natural Choice • PCI 1 Firewalls, VPCs •

    PCI 9 Physical Access • PCI 10.1 Audibility

  6. Immutable Infrastructure • PCI 6.1 Security Patches • PCI 11.5

    File Integrity

  7. Scoped Access • PCI 7 Restrict Access

  8. CVVs • PCI 3.2 Do Not Store CVVs

  9. Secrets & KMS

  10. Greenfield Development

  11. S3 Isn’t Near-Line Storage PCI 10.7 Retain audit trail history

    for at least one year, with a minimum of three months immediately available for analysis (for example, online, archived, or restorable from backup).

  12. VPCs • PCI 4: Encrypt Data Across Public Networks

  13. Huge Wins

  14. Evolving Platform

  15. WHO’S THIS GUY? • Philip Corliss • @pcorliss (Gmail, Twitter,

    Github) • Cheese Enthusiast • Engineering Manager • Braintree