Udochi Nwobodo
From Pods to PCI: Translating Kubernetes Security for Security Audit & Compliance
Mastercard
Connect:
About Udochi Nwobodo
Udochi Nwobodo is an Infrastructure and Product Security Engineer with over five years of experience securing large-scale systems at Adobe, Coinbase, and Juniper Networks. She has led efforts to design and deploy cloud security solutions, integrate security into product lifecycles, and build vulnerability management programs that scale with business needs. Her work spans infrastructure, application security , and modern detection engineering. Beyond technical execution, Udochi focuses on strategic impact: enabling teams to balance speed with security, aligning detection thresholds with business risk, and turning raw telemetry into meaningful decisions. She holds a Master’s degree in Cybersecurity along with CISSP and CISM certifications. Udochi is passionate about bridging the gap between engineering and strategy, helping organizations move from reactive security to proactive resilience.
Talk Details
From Pods to PCI: Translating Kubernetes Security for Security Audit & Compliance
Kubernetes has become the backbone of modern infrastructure, but for many security managers and auditors, it still feels like an opaque, fast-moving black box. Terms like “pods,” “network policies,” or “admission controllers” often don’t translate cleanly into the language of compliance frameworks like PCI-DSS, SOC 2, or FedRAMP. This talk is designed to bridge that gap. I’ll walk through how low-level Kubernetes security controls; like RBAC, Pod Security Standards, and OPA/Gatekeeper policies, map directly to familiar compliance requirements around access control, segmentation, and audit logging. Using live examples, I’ll demonstrate how a misconfigured workload looks inside a cluster, and then show how the right policy or control enforces compliance in real time. The goal of this presentation is to give non-Kubernetes specialists; security managers, compliance professionals, and auditors, a practical framework for evaluating whether a Kubernetes environment is secure and compliant, even if they don’t use kubectl every day. Attendees will leave with a mental model that translates Kubernetes specifics into compliance outcomes, helping them ask the right questions, set meaningful controls, and better align engineering with audit requirements.
Session Information
Venue Information
Location:
Live! Casino & Hotel Philadelphia
900 Packer Ave, Philadelphia, PA
Date:
Friday, December 5, 2025