We’re thrilled to announce two major milestones for Couchbase Capella™, our cutting-edge managed Database-as-a-Service (DBaaS) platform. We have officially achieved the Payment Card Industry Data Security Standard (PCI DSS) version 4.0 attestation of compliance (AoC) as well as a CSA STAR Level 2 certification for attestation of compliance! These achievements build on our existing SOC 2 and HIPAA compliant controls, highlighting our unwavering commitment to the highest data security standards and customer trust.

PCI DSS 4.0: Elevating Security Standards

Couchbase Capella’s achievement of PCI DSS 4.0 compliance marks a significant advancement in our platform’s security controls. Rigorously audited by an independent third-party auditor, our PCI DSS 4.0 compliant controls assure organizations of our ability to securely manage and store credit card financial data. The comprehensive audit process demonstrates our dedication to protecting sensitive information and maintaining the confidentiality, integrity, and availability of your data.

CSA STAR Level 2: Demonstrating Excellence

In addition to the PCI DSS 4.0 compliance, Couchbase Capella has successfully completed a CSA STAR Level 2 certification for attestation of compliance. This certification follows an external security audit of our platform. The CSA STAR Level 2 certification underscores our dedication to not only meeting but exceeding security benchmarks. We are thrilled to have this external validation of our security measures.

A Bright Future Ahead

With Couchbase Capella, security isn’t just a feature – it’s a foundation. We understand the critical importance of safeguarding your sensitive data in today’s digital landscape. Achieving PCI DSS 4.0 compliance and CSA STAR Level 2 certifications is a testament to our relentless pursuit of excellence and security. Our commitment to providing you with a secure and reliable platform is unwavering.

To learn more about our PCI DSS 4.0 and CSA STAR compliance and certifications, please visit the Cloud Trust Center on our website. Additionally, you can find out information about our commitment to SOC 2, GDPR, and HIPAA. Detailed whitepapers about Couchbase security and data protection can be downloaded as well.

If customers have any questions, contact us either via your account team or by opening a ticket in our Support Portal. Community Edition users can get in touch with us via our Discord or the Couchbase Forums.


Posted by Ian McCloy, Director Product Management

Ian McCloy is the Director of the Platform and Security Product Management Group for Couchbase and lives in the United Kingdom. His dedicated team is responsible for the Reliability, Availability, Serviceability and Security architecture of Couchbase Server and the SaaS Database, Capella. This team also own cloud-native platforms like the Couchbase Kubernetes Autonomous Operator. Ian has a vast range of experience as a Software Engineer, Technical Support Engineer, Quality Assurance Engineer and Systems Administrator. Ian has led global technical teams for the majority of his 20 year professional career and holds several patents in the areas of information security, virtualisation and hardware design. https://www.linkedin.com/in/ianmccloy/

Leave a reply