Evgeniy Gantman

Senior Cloud Security Architect & DevSecOps Leader

15+ Years | PCI DSS 4.0 Expert | AWS Security | Zero Trust Architecture

View My Security Journey Explore Key Projects

Key Achievements

Measurable results from security implementations

✅

PCI DSS Level 1 - Zero Audit Findings

Achieved compliance with no findings

⚡

99.95% Uptime - Payment Processing

High availability for critical systems

📉

85% Security Incident Reduction

Through SIEM deployment and monitoring

💰

45% AWS Cost Optimization

FinOps practices implementation

🎯

60% CDE Scope Reduction

Via tokenization and segmentation

Latest Projects

Real-world security implementations from my portfolio

PCI DSS 4.0 Compliance Architecture

Complete PCI DSS Level 1 compliance implementation for payment processing platform

AWS KMS Wazuh SIEM Istio Terraform Kubernetes AWS Config

View case study →

From the Blog

Technical insights and security best practices

August 10, 2024 •

PCI DSS Encryption Tokenization AWS KMS Data Protection

Implementing PCI DSS Requirement 3: Encryption & Tokenization Strategies

Overview

PCI DSS Requirement 3 focuses on protecting stored cardholder data through encryption, tokenization, and other cryptographic methods. This article explores practical implementation strategies.

Key Components

1. Encryption Requirements

3.1: Keep cardholder data storage to a minimum

Implement data retention policies
Automate data lifecycle management
Regular data discovery scans

3.2: Do not store sensitive authentication data

Prohibit storage of full track data, CVV2, PIN blocks
Implement validation in CI/CD pipelines
Regular scanning for accidental storage

2. Cryptographic Implementation

AWS KMS Configuration:

View All Articles