pci-dss-compliance

SKILL.md

PCI DSS Compliance

Implement PCI DSS requirements for payment card security.

Requirements

requirements:
  1_firewall:
    - Network segmentation
    - Firewall configuration
    - CDE isolation
    
  3_protect_data:
    - Mask PAN display
    - Encrypt stored data
    - Key management
    
  6_secure_systems:
    - Patch management
    - Secure development
    - Change control
    
  8_access_control:
    - Unique IDs
    - MFA for remote access
    - Password policies
    
  10_logging:
    - Audit trail
    - Time synchronization
    - Log retention (1 year)
    
  11_testing:
    - Vulnerability scans
    - Penetration testing
    - IDS/IPS monitoring

Network Segmentation

Internet --> DMZ --> Firewall --> CDE
                                  |
            Non-CDE <-- Firewall --

Data Protection

encryption:
  at_rest: AES-256
  in_transit: TLS 1.2+
  key_storage: HSM or dedicated key vault
  
tokenization:
  - Replace PAN with token
  - Store mapping securely
  - Reduce CDE scope
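
The "Mask PAN display" item under requirement 3, together with the scope-reduction goal above, implies that unmasked PANs must not leak into application logs. The sketch below is an added example, not part of the original skill: it finds Luhn-valid card numbers in log lines and masks them. The first-six/last-four mask format, the function names and the sample log lines are assumptions made for illustration.

```python
import re

# Candidate PANs: 13-19 digits, optionally separated by single spaces or hyphens.
CANDIDATE = re.compile(r"(?<![\d-])\d(?:[ -]?\d){12,18}(?![\d-])")


def luhn_valid(digits):
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)   # double every second digit from the right
        total += d - 9 if d > 9 else d
    return total % 10 == 0


def mask_pan(digits):
    """Keep the first six and last four digits, mask everything between (assumed format)."""
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]


def scrub_line(line):
    """Return (scrubbed_line, number_of_PANs_masked)."""
    hits = 0

    def repl(match):
        nonlocal hits
        digits = re.sub(r"[ -]", "", match.group(0))
        if not luhn_valid(digits):
            return match.group(0)   # order IDs and similar digit runs stay untouched
        hits += 1
        return mask_pan(digits)

    return CANDIDATE.sub(repl, line), hits


# Constructed sample log lines; the two card numbers are widely published test PANs.
SAMPLE_LOG = [
    "2026-02-04T10:00:01Z INFO charge ok pan=4111111111111111 amount=12.50",
    "2026-02-04T10:00:02Z DEBUG card 5555-5555-5555-4444 declined",
    "2026-02-04T10:00:03Z INFO order_id=1234567890123456 shipped",
    "2026-02-04T10:00:04Z INFO token=tok_9f2c last4=1111",
]

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        scrubbed, masked = scrub_line(entry)
        print(f"[{masked} masked] {scrubbed}")
```

The Luhn check keeps the 16-digit order ID in the third line from being treated as a card number; a non-zero hit count on any line is worth alerting on, since it means a system outside the intended CDE boundary is handling PAN.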

Best Practices

  • Minimize CDE scope
  • Use tokenization
  • Quarterly vulnerability scans
  • Annual penetration tests
  • ASV scan certification

First Seen: Feb 4, 2026