New Relic achieves PCI DSS Level 1 certification

The Payment Card Industry Data Security Standard (PCI DSS), maintained by the Security Standards Council, is a set of security requirements to protect cardholder data environments (CDEs) where payment card data is stored, processed, or transmitted. PCI DSS provides a baseline of rigorous technical and operational requirements designed to protect CDEs.

We’re excited to share that New Relic has achieved PCI DSS Level 1 certification. As a PCI Level 1 service provider, New Relic customers can rely on us to meet their monitoring needs and centralize tooling across both PCI-regulated environments and not. 

Intelligent Observability to meet your compliance obligations 

Logging and monitoring: Requirement 10 in PCI DSS version 4.0 sets stringent requirements for log retention and monitoring. With New Relic, you can customize your logging retention and monitoring using our Live Archives feature. You can further configure automated alerts for continuous monitoring of log events and tailor alerts to focus on critical actions to mitigate alert fatigue. 

Centralized vulnerability reporting: Requirement 11 focuses on vulnerability management and testing practices for custom software. With New Relic Vulnerability Management you can centralize your vulnerability monitoring and reporting across your environment, including both software and infrastructure. Reduce toil for both developers and security teams by centralizing vulnerabilities from multiple scanning platforms and provide a single source of truth for triaging them.

One place to view your infrastructure: Requirement 12 includes standards for validating your PCI DSS scope, including an inventory of your system components. With New Relic, you can consolidate both on-premises and cloud infrastructure. Break down silos of reporting across environments and enrich your data for intelligent monitoring and insights on business risk.