That’s normal in any compliance process, and why you typically want to vet the v... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		stingraycharles 18 days ago \| parent \| context \| favorite \| on: Ubuntu LTS releases to 15 years with Legacy add-on That’s normal in any compliance process, and why you typically want to vet the vendor that does the compliance monitoring. And auditor (some auditors are really overzealous). Took us a while to find the right ones.

jwr 18 days ago [–]

If you use Braintree as your payment processor (something I would not recommend), you get SecureMetrics as your PCI auditor.

Even worse, someone is overzealous, because you will get SecureMetrics on your back even if you are below the PCI thresholds.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact