The Payment Card Industry Data Security Standard (PCI DSS), maintained by the Security Standards Council, is a set of security requirements to protect cardholder data environments (CDEs) where payment card data is stored, processed, or transmitted. PCI DSS provides a baseline of rigorous technical and operational requirements designed to protect CDEs.
We’re excited to share that New Relic has achieved PCI DSS Level 1 certification. As a PCI Level 1 service provider, New Relic customers can rely on us to meet their monitoring needs and centralize tooling across both PCI-regulated environments and not.
Intelligent Observability to meet your compliance obligations
Logging and monitoring: Requirement 10 in PCI DSS version 4.0 sets stringent requirements for log retention and monitoring. With New Relic, you can customize your logging retention and monitoring using our Live Archives feature. You can further configure automated alerts for continuous monitoring of log events and tailor alerts to focus on critical actions to mitigate alert fatigue.
Centralized vulnerability reporting: Requirement 11 focuses on vulnerability management and testing practices for custom software. With New Relic Vulnerability Management you can centralize your vulnerability monitoring and reporting across your environment, including both software and infrastructure. Reduce toil for both developers and security teams by centralizing vulnerabilities from multiple scanning platforms and provide a single source of truth for triaging them.
One place to view your infrastructure: Requirement 12 includes standards for validating your PCI DSS scope, including an inventory of your system components. With New Relic, you can consolidate both on-premises and cloud infrastructure. Break down silos of reporting across environments and enrich your data for intelligent monitoring and insights on business risk.
Étapes suivantes
New Relic customers with PCI DSS obligations can use our platform to meet their own compliance requirements. Existing customers can inquire with their account team for a copy of our Attestation of Compliance (“AOC”).
Les opinions exprimées sur ce blog sont celles de l'auteur et ne reflètent pas nécessairement celles de New Relic. Toutes les solutions proposées par l'auteur sont spécifiques à l'environnement et ne font pas partie des solutions commerciales ou du support proposés par New Relic. Veuillez nous rejoindre exclusivement sur l'Explorers Hub (discuss.newrelic.com) pour toute question et assistance concernant cet article de blog. Ce blog peut contenir des liens vers du contenu de sites tiers. En fournissant de tels liens, New Relic n'adopte, ne garantit, n'approuve ou n'approuve pas les informations, vues ou produits disponibles sur ces sites.
