The Payment Card Industry Data Security Standard (PCI DSS), maintained by the Security Standards Council, is a set of security requirements to protect cardholder data environments (CDEs) where payment card data is stored, processed, or transmitted. PCI DSS provides a baseline of rigorous technical and operational requirements designed to protect CDEs.
We’re excited to share that New Relic has achieved PCI DSS Level 1 certification. As a PCI Level 1 service provider, New Relic customers can rely on us to meet their monitoring needs and centralize tooling across both PCI-regulated environments and not.
Intelligent Observability to meet your compliance obligations
Logging and monitoring: Requirement 10 in PCI DSS version 4.0 sets stringent requirements for log retention and monitoring. With New Relic, you can customize your logging retention and monitoring using our Live Archives feature. You can further configure automated alerts for continuous monitoring of log events and tailor alerts to focus on critical actions to mitigate alert fatigue.
Centralized vulnerability reporting: Requirement 11 focuses on vulnerability management and testing practices for custom software. With New Relic Vulnerability Management you can centralize your vulnerability monitoring and reporting across your environment, including both software and infrastructure. Reduce toil for both developers and security teams by centralizing vulnerabilities from multiple scanning platforms and provide a single source of truth for triaging them.
One place to view your infrastructure: Requirement 12 includes standards for validating your PCI DSS scope, including an inventory of your system components. With New Relic, you can consolidate both on-premises and cloud infrastructure. Break down silos of reporting across environments and enrich your data for intelligent monitoring and insights on business risk.
次のステップ
New Relic customers with PCI DSS obligations can use our platform to meet their own compliance requirements. Existing customers can inquire with their account team for a copy of our Attestation of Compliance (“AOC”).
本ブログに掲載されている見解は著者に所属するものであり、必ずしも New Relic 株式会社の公式見解であるわけではありません。また、本ブログには、外部サイトにアクセスするリンクが含まれる場合があります。それらリンク先の内容について、New Relic がいかなる保証も提供することはありません。