question

MrJSmith-5263 avatar image
0 Votes"
MrJSmith-5263 asked azure-cxp-api edited

Is an ASE required for PCI SAQ A-EP compliance?

Is an ASE required for PCI SAQ A-EP compliance? or as long as the web application is correctly secured, simply using 'standard' Web Apps will provide the necessary network security required for compliance.

Our design would have Application Gateway in front of the Web Apps and the web application would use Azure SQL.

Thanks for your help

azure-webapps-security
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

DanielJPowell avatar image
0 Votes"
DanielJPowell answered

You would need an application gateway or other WAF component (e.g. an NVA with WAF features). You could also use containers/AKS

5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.