cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Looking to upgrade from Dynatrace Managed to SaaS? See how

Dynatrace and PCI DSS compliant systems

takahiko_imazon
Newcomer

Hi all,

I'm looking for use cases of Dynatrace for PCIDSS-compliant systems.

Are you using Dynatrace for PCIDSS-compliant systems?

How are you using it?

 

Regards,

Takahiko

 

1 REPLY 1

skrystosik
DynaMight Guru
DynaMight Guru
We have dynatrace on such applications. What are you concern about? Security? In general there are few issues here. For example, you can have application where card numbers and other informations are send as query parameters. In such case all users of dynatrace that has access to purepaths will be able to see them. I’ve made RFE some time ago about option to use private settings (DT has option to mask such data for whole environment) for particular system. This technology is quite aggressive and makes other systems sometimes hard to analyze (It hides for example IP addresses in URIS, so it’s harder to use them by developers or administrators).


Second option is ability to extract sensitive data using request Attributes. Here you can add permissions only for users that has proper contracts signed. Only they for example will be able to create such configurations and read values. For others this option may be masked.

Sebastian


Regards, Sebastian

Featured Posts