Welcome to the DivvyCloud Docs!

DivvyCloud is a Cloud Security Posture Management (CSPM) platform that provides real-time analysis and automated remediation across leading cloud and container technologies.

For questions about documentation reach out to us [email protected]

Take Me to the Docs!    Release Notes

PCI Compliance Pack


DivvyCloud's new Payment Card Industry Data Security Standard (PCI DSS) Pack includes DivvyCloud Insights that can map to the PCI DSS requirements. This pack is important for organizations that are required to align with the Payment Card Industry Data Security Standards.

DivvyCloud's 21.1 release includes two PCI DSS Compliance Packs: the newly released pack and the legacy pack.

As a result of the dynamic nature of cybersecurity frameworks, we are continuously working to update our compliance packs, and customers can expect to see changes to the number of Insights mapping to these frameworks.

PCI-DSS Updated Compliance Pack

In the DivvyCloud platform under "Security --> Insights" on the "Compliance Packs" tab, the pack labeled PCI DSS is the most up-to-date version.

The pack labeled PCI DSS (Legacy) is the older version, which we will eventually deprecate. We strongly recommend using the newest version.


Before you get started with any compliance packs, you will need to have the following:

  • A functioning DivvyCloud installation
  • The appropriate permissions to apply this compliance pack to your desired infrastructure
  • Familiarity with your organization’s compliance requirements

If you have questions about implementing this compliance pack or other general questions, reach out to us via [email protected].

Feature Summary

DivvyCloud's new PCI DSS Compliance Pack contains dozens of Insights that map to the Payment Card Industry Data Security Standard requirements.

  • For the best results we recommend tailoring the Insights to your specific organization’s cloud environment.
  • For example, if your organization does not use containers, remove any Insights related to containers to ensure you only get the compliance information you need.
  • Using the DivvyCloud’s Infrastructure as Code (IaC) scanning feature can help align to Requirement 6.3.2. (Read more about our IAC capabilities on our IAC Overview page.)
  • Note: Using DivvyCloud in your environment can help align to the following Payment Card Industry -Data Security Standard (PCI-DSS) requirements:
    • Requirement 2.2
    • Requirement 2.4
    • Requirement 6.1

What's Next

To learn more about using both DivvyCloud’s out-of-the-box Compliance Packs and our Custom Insight Packs, take a look at our Insights documentation.

In addition, to explore more details around our automation capabilities, take a look at our documentation on BotFactory.

Updated 2 months ago

PCI Compliance Pack

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.