//
Busca en todas las páginas de la documentación
6 pages in this section.
How Pod Security Standards, securityContext, and admission control stack into defense in depth
Pod Security Standards: privileged/baseline/restricted
The shared kernel, the real threat model, and why pod isolation needs defense in depth
runAsNonRoot, readOnlyRootFilesystem, drop capabilities
Enforce restricted in prod namespaces via admission