InfoQ Homepage PCI DSS Content on InfoQ

News

RSS Feed

DevOps

Reconciling Kubernetes and PCI DSS for a Modern and Compliant Payment System

Ana Calin, systems engineer at Paybase, gave an experience report at QCon London [slides PDF] on how the end-to-end payments service provider solution managed to achieve PCI DSS level 1 compliance (the highest) with 50+ Node.js microservices running on Google Cloud Kubernetes Engine (GKE), and using Terraform for infrastructure provisioning and Helm for service deployment.

Manuel Pais
on Apr 21, 2019
DevOps

DevOps Survival in the Highly Regulated Financial Industry

Robert Scherrer, head of application engineering at SIX, on how the company leveraged DevOps principles and benefits in the highly regulated Swiss financial industry. Engaging with compliance auditors to collaboratively agree on solutions early before it's too costly to change and avoiding legacy internal directives (not actually required by external regulations) are the main takeaways.

Manuel Pais
on Jul 31, 2016
S is for Security

Frank Breedijk, security officer at Schuberg Philis, talks about the friction points between security and DevOps and how to collaborate to avoid them. Examples include automating security tests and environments, reducing scope of security audits to relevant system components only or allowing security fixes to jump the queue of changes to production.

Manuel Pais
on Jun 22, 2013
New DMTF WorkGroup To Address Cloud Security Concerns Through Cloud Audit Standards

Security concerns still remain the top inhibitor of cloud adoption and cloud audits will alleviate some of these concerns. DMTF instituted the Cloud Audit Data Federation Work Group (CADFWG) to define specifications which will empower organizations to audit cloud-based IT resources, regardless of their chosen cloud provider.

Jeevak Kasarkod
on May 08, 2011

Topics

Introduction to Kotlin's Coroutines and Reactive Streams

Michelle Noorali on the Service Mesh Interface Spec and Open Service Mesh Project

How Apache Pulsar is Helping Iterable Scale its Customer Engagement Platform

Emily Jaksch on the Myths, Misconceptions and Realities of the Millennial Generation

InfoQ Live Roundtable: Observability Patterns for Distributed Systems

Helpful links

QCons from around the world

Choose your language

News

Reconciling Kubernetes and PCI DSS for a Modern and Compliant Payment System

DevOps Survival in the Highly Regulated Financial Industry

S is for Security

New DMTF WorkGroup To Address Cloud Security Concerns Through Cloud Audit Standards

How x86 to arm64 Translation Works in Rosetta 2

How SAD DNS Works

Microsoft Edge WebView2 Now Generally Available

Michelle Noorali on the Service Mesh Interface Spec and Open Service Mesh Project

Chaos Engineering: the Path to Reliability

How Dropbox Created a Distributed Async Task Framework at Scale

QCon Plus: Summary of the Non-Technical Skills for Technical Folks Track

Emily Jaksch on the Myths, Misconceptions and Realities of the Millennial Generation

Kick-off Your Transformation by Imagining It Had Failed

Google Releases Objectron Dataset for 3D Object Recognition AI

How Apache Pulsar is Helping Iterable Scale its Customer Engagement Platform

Apple's ML Compute Framework Accelerates TensorFlow Training

Docker Pauses Image Expiration Enforcement, Announces Subscription Tiers

HashiCorp Vault Adds Tokenization and Auto-Join Features

Distributed Key-Value Store etcd Graduates at CNCF

QCon Plus

QCon San Francisco

QCon São Paulo

Login with:

Don't have an InfoQ account?

News