Posted On: Jul 25, 2016

AWS WAF (Web Application Firewall) is now included in the set of services that are compliant with the Payment Card Industry Data Security Standard (PCI DSS 3.2) Merchant Level 1, the highest level of compliance for service providers.

PCI DSS compliance is a requirement for any business that stores, processes, or transmits credit card data. AWS WAF's PCI compliance now makes it easier for retail e-commerce, travel booking, ticket sale, or in-app purchase applications to integrate AWS WAF as a part of their architecture and adhere to PCI DSS. Customers who need to adhere to PCI compliance, can now use AWS WAF to protect their web applications from common web exploits like SQL Injection or Cross-Site Scripting, or content abuse like bots and scrappers, or attacks that consume excessive resources (like HTTPS floods).

To learn more about AWS WAF PCI DSS compliance, please read our blog announcement