Back to articles
Foregenix
3 min read
SHARE
SUBSCRIBE

Subscribe to our Blog

As a result of a SIG exercise, the New Information Supplement: Guidance for Containers and Container Orchestration Tools has been published this week. The Foregenix assessors were provided the opportunity to share knowledge and contribute in building this guidance for the secure use of containers and container orchestration tools to educate about threats and best practices in a way that is meaningful to PCI stakeholders in a payment environment.

The published guidance document is intended for use by merchants, service providers, and assessors to support entities with background knowledge, actionable guidance, and practical examples to assist in securing containerized systems against common threats, as a supplement to the PCI standards requirements.

As the PCI Security Standards Council stated in their announcement: 

“Organisations are increasingly adopting container technology to scale, secure, and rapidly deploy the applications used in their payment systems. While employing containers and container orchestration tools may be beneficial in terms of cost, performance, manageability, and security over traditional hardware-based deployment models, use of containers and container orchestration tools is not without security risks. Use case-based examples of some of the threats, and the use of the best practices to address those threats.” 

You can access the informational supplement in the PCI SSC portal by clicking here.

About Foregenix

Since 2009, Foregenix is qualified to deliver against all assessor programs, including PCI DSS, PA-DSS/PCI SSF, P2PE, PCI PIN, 3DS and Card Production (CPSA), PCI Forensic Investigation Services (PFI certified), across all 6 global regions . In addition to the PCI standards, Foregenix provides advisory and assessment services for SWIFT Customer Security Program, Security Testing (Internal, External, Web, Mobile and Cloud Application), Information Security Consultancy, Digital Forensics and Incident Response and Risk Management. Foregenix is the leading advisory team on Point-to-Point-Encryption, having assisted many of the world’s leading payment brands through their P2PE projects.

To view the Foregenix QSA company certificate please visit the PCI Security Standards Council website: www.pcisecuritystandards.org  

About the PCI Security Standards Council

The PCI Security Standards Council (PCI SSC) leads a global, cross-industry effort to increase payment security by providing industry-driven, flexible, and effective data security standards and programs that help businesses detect, mitigate and prevent cyberattacks and breaches.

VIEW THE GUIDANCE FOR CONTAINERS AND CONTAINER ORCHESTATION TOOLS by PCI SSC

The PCI Security Standards Council (PCI SSC), within its strategies, encourages the creation of Special Interest Groups (SIGs) to promote collaboration between industry representatives, subject matter experts, the Participating Payment Brands, and themselves  to allow the development of practical payment security resources. These community-driven initiatives focus on payment security challenges related to PCI Security Standards. Foregenix assessors are proud to contribute to the SIGs by sharing knowledge with industry peers.

Contact Us

Access cybersecurity advisory services

 

Speak With Us

TAGS:

PCI, PA-DSS and P2PE Cybersecurity Compliance

Foregenix
Foregenix

See All Articles

Related Content

SEE ALL ARTICLES
Foregenix appointed to the PCI SSC Brazil Regional Engagement Board 2024-2025

Feb 01, 2024
Bolstering eCommerce Website Security: Easy Steps to Safeguard Against Breaches

Aug 17, 2023
Foregenix reappointed on the PCI SSC (GEAR) for the 3rd consecutive time

Nov 04, 2022
SUBSCRIBE

Subscribe to our blog

Security never stops. Get the most up-to-date information by subscribing to the Foregenix blog.