pci-dss-compliance

Implement PCI DSS requirements for payment card data. Configure cardholder data environment and security controls. Use when processing payment cards.

BagelHole 28 4 Updated 4mo ago

GitHub

Install

npx skillscat add bagelhole/devops-security-agent-skills/pci-dss-compliance

Install via the SkillsCat registry.

SKILL.md

PCI DSS Compliance

Implement PCI DSS requirements for payment card security.

Requirements

requirements:
  1_firewall:
    - Network segmentation
    - Firewall configuration
    - CDE isolation
    
  3_protect_data:
    - Mask PAN display
    - Encrypt stored data
    - Key management
    
  6_secure_systems:
    - Patch management
    - Secure development
    - Change control
    
  8_access_control:
    - Unique IDs
    - MFA for remote access
    - Password policies
    
  10_logging:
    - Audit trail
    - Time synchronization
    - Log retention (1 year)
    
  11_testing:
    - Vulnerability scans
    - Penetration testing
    - IDS/IPS monitoring

Network Segmentation

Internet --> DMZ --> Firewall --> CDE
                                  |
            Non-CDE <-- Firewall --

Data Protection

encryption:
  at_rest: AES-256
  in_transit: TLS 1.2+
  key_storage: HSM or dedicated key vault
  
tokenization:
  - Replace PAN with token
  - Store mapping securely
  - Reduce CDE scope

Best Practices

Minimize CDE scope
Use tokenization
Quarterly vulnerability scans
Annual penetration tests
ASV scan certification

pci-dss-compliance

Install

PCI DSS Compliance

Requirements

Network Segmentation

Data Protection

Best Practices

Categories

Install

Recommended Skills