Payment Card Industry Data Security Standard (PCI DSS), maintained by Security Standards Council, is a set of security requirements to protect cardholder data environments (CDEs) where payment card data is stored, processed, or transmitted. PCI DSS provides a baseline of rigorous technical and operational requirements designed to protect CDEs.
Assessed against the PCI DSS version 4.0, New Relic maintains a Report on Compliance (ROC) and Attestation of Compliance (AOC) as a Level 1 Service Provider.
New Relic removes some of your sensitive data in logs with automatic log obfuscation. Enabled by default for all customers.
Applicable document by service
Caution
Not all New Relic Observability Platform services are in compliance with this program. For non-compliant services, please see the section of services not in scope.
Document | Last updated | Infrastructure | Services |
---|---|---|---|
Attestation of Compliance | 2024-NOV-13 | AWS, First Party | New Relic Observability Platform |
Services not in scope
Important
If you require a copy of New Relic’s AOC or PCI Customer Responsibility Matrix, reach out to your New Relic account representative.
The following services are not PCI DSS authorized:
Last updated | Infrastructure | Services |
---|---|---|
N/A | GCP | Pixie: Community Cloud for Pixie |
N/A | GCP | Pixie: Auto-telemetry with Pixie |
N/A | AWS, Azure | New Relic AI |