Payment Card Industry Data Security Standard (PCI DSS), maintained by Security Standards Council, is a set of security requirements to protect cardholder data environments (CDEs) where payment card data is stored, processed, or transmitted. PCI DSS provides a baseline of rigorous technical and operational requirements designed to protect CDEs.
Assessed against the PCI DSS version 4.0, New Relic maintains a Report on Compliance (ROC) and Attestation of Compliance (AOC) as a Level 1 Service Provider.
New Relic removes some of your sensitive data in logs with automatic log obfuscation. Enabled by default for all customers.
Applicable document by service
주의
Not all New Relic Observability Platform services are in compliance with this program. For non-compliant services, please see the section of services not in scope.
The following applies to the New Relic Observability Platform:
Document | Last updated | Infrastructure | Services |
|---|---|---|---|
Attestation of Compliance | 2024-NOV-13 | AWS, First Party | New Relic Observability Platform |
중요
If you require a copy of New Relic’s AOC or PCI Customer Responsibility Matrix, reach out to your New Relic account representative.
Services not in scope
The following services are not PCI DSS authorized:
Last updated | Infrastructure | Services |
|---|---|---|
N/A | AWS | CodeStream |
N/A | AWS, GCP | ML Ops |
N/A | GCP | Pixie: Community Cloud for Pixie |
N/A | GCP | Pixie: Auto-telemetry with Pixie |