Upgrade to Pro — share decks privately, control downloads, hide ads and more …

AWS, Immutable Infrastructure, and PCI

Avatar for Philip Corliss Philip Corliss
September 01, 2016
Programming
0
110

AWS, Immutable Infrastructure, and PCI

Avatar for Philip Corliss

Philip Corliss

September 01, 2016
Tweet

More Decks by Philip Corliss

See All by Philip Corliss
Building a Platform on AWS
Avatar for Philip Corliss pcorliss
1
120
Developer Happiness - Building Systems & Tools
Avatar for Philip Corliss pcorliss
0
110
xss
Avatar for Philip Corliss pcorliss
1
340

Other Decks in Programming

See All in Programming
Reactの歴史を振り返る
Avatar for つちのこ tutinoko
1
170
Gemini CLIの"強み"を知る! Gemini CLIとClaude Codeを比較してみた!
Avatar for Kota Hisafuru kotahisafuru
3
940
オホーツクでコミュニティを立ち上げた理由―地方出身プログラマの挑戦 / TechRAMEN 2025 Conference
Avatar for はる lemonade_37
1
440
GUI操作LLMの最新動向: UI-TARSと関連論文紹介
Avatar for Kazuki Fujikawa kfujikawa
0
600
バイブコーディングの正体——AIエージェントはソフトウェア開発を変えるか?
Avatar for Shinichi Takayanagi stakaya
5
790
DynamoDBは怖くない!〜テーブル設計の勘所とテスト戦略〜
Avatar for hiroto_0411 hyamazaki
0
190
11年かかって やっとVibe Codingに 時代が追いつきましたね
Avatar for yimajo yimajo
1
240
대규모 트래픽을 처리하는 프론트 개발자의 전략
Avatar for Seungmin 마량 maryang
0
120
JetBrainsのAI機能の紹介 #jjug
Avatar for yusuke yusuke
0
190
Flutter로 Gemini와 MCP를 활용한 Agentic App 만들기 - 박제창 2025 I/O Extended Seoul
Avatar for JaiChangPark itsmedreamwalker
0
120
MySQL9でベクトルカラム登場!PHP×AWSでのAI/類似検索はこう変わる
Avatar for Suguru Ohki suguruooki
1
290
Terraform やるなら公式スタイルガイドを読もう 〜重要項目 10選〜
Avatar for hiyanger hiyanger
12
2.9k

Featured

See All Featured
JavaScript: Past, Present, and Future - NDC Porto 2020
Avatar for David Neal reverentgeek
50
5.5k
Mobile First: as difficult as doing things right
Avatar for Swwweet swwweet
223
9.9k
RailsConf 2023
Avatar for Aaron Patterson tenderlove
30
1.2k
Thoughts on Productivity
Avatar for Jon Yablonski jonyablonski
69
4.8k
Fireside Chat
Avatar for paigeccino paigeccino
38
3.6k
Designing for Performance
Avatar for Lara Hogan lara
610
69k
Designing for humans not robots
Avatar for Tammie Lister tammielis
253
25k
Save Time (by Creating Custom Rails Generators)
Avatar for Garrett Dimon garrettdimon
PRO
31
1.3k
Testing 201, or: Great Expectations
Avatar for Joseph Mastey jmmastey
45
7.6k
Gamification - CAS2011
Avatar for David Bonilla davidbonilla
81
5.4k
The Language of Interfaces
Avatar for Des Traynor destraynor
158
25k
Navigating Team Friction
Avatar for Lara Hogan lara
188
15k

Transcript

  1. AWS, IMMUTABLE INFRASTRUCTURE, AND PCI
 Slides: https://speakerdeck.com/pcorliss/

  2. WHO IS THIS ? • Philip Corliss • @pcorliss (Gmail,

    Twitter, Github) • Cheese Enthusiast • Engineering Manager • Braintree

  3. BraintreePayments.com

  4. Where We Were/Are • Physical Datacenters • Level 1 PCI

    DSS Compliant Service Provider

  5. AWS, The Natural Choice • PCI 1 Firewalls, VPCs •

    PCI 9 Physical Access • PCI 10.1 Audibility

  6. Immutable Infrastructure • PCI 6.1 Security Patches • PCI 11.5

    File Integrity

  7. Scoped Access • PCI 7 Restrict Access

  8. CVVs • PCI 3.2 Do Not Store CVVs

  9. Secrets & KMS

  10. Greenfield Development

  11. S3 Isn’t Near-Line Storage PCI 10.7 Retain audit trail history

    for at least one year, with a minimum of three months immediately available for analysis (for example, online, archived, or restorable from backup).

  12. VPCs • PCI 4: Encrypt Data Across Public Networks

  13. Huge Wins

  14. Evolving Platform

  15. WHO’S THIS GUY? • Philip Corliss • @pcorliss (Gmail, Twitter,

    Github) • Cheese Enthusiast • Engineering Manager • Braintree