File Integrity Monitoring for Docker & Kubernetes: A Complete PCI-DSS Guide
·4465 words·21 mins
A questions I hear often is: “How do we manage PCI Compliance for containers when they’re destroyed and recreated constantly?”
It’s a legitimate concern. In this post I write about file integrity monitoring when containerization is used (i.e. Docker, Kubernetes, etc) Traditional FIM tools were built for static servers that run for months or years. But containers? They live for minutes, hours, maybe days.
The PCI-DSS standard doesn’t give you a pass just because you’re using modern infrastructure. Requirement 11.5.2 still applies, you still need to detect unauthorized file modifications. The approach just looks completely different.