Loading…
Seattle, WA
December 10–13, 2018
Click Here for More Information & Registration
View Venue Map
Wednesday, December 12 • 2:35pm - 3:10pm
How We Survived Our First PCI/HIPAA Compliant Check with Kubernetes - Travis Jeppson, Nav

Sign up or log in to save this to your schedule and see who's attending!

Tweet Share
Feedback form is now closed.
At a high level, Travis will go over what it took for Nav to pass their first compliance check with their application in Kubernetes.
 
 At a lower level, he'll discuss what PCI/HIPAA compliance is like in a world of containers. How to translate, and prioritize, the requirements from a traditional model, using virtual machines, to using a containerized model. What tools are already provided with Kubernetes, such as taints and tolerances, which tools are plug-ins, such as network policies; and what is missing and requires an external service.
 
He'll briefly cover Nav's build pipelines and why adding in security checks into the docker builds is important to maintaining a compliant environment.
 
 Finally, he'll discuss how moving forward you can reach a point of attaining a state of constant compliance; there is no reason to struggle to "become" compliant on a quarterly, or yearly, cadence.
Speakers
avatar for Travis Jeppson

Travis Jeppson

Director of Engineering, Nav
I am a bald husband and father. I have always been interested in learning as much as I possibly can. I have recently found myself learning a lot about self-improvement, and of course technology. I find these two subjects to be very difficult to ever get right. I love Star Wars, and... Read More →

Compliant with Kubernetes pdf
Wednesday December 12, 2018 2:35pm - 3:10pm
Ballroom 6B
  Security+Identity+Policy