//
Busque em todas as páginas da documentação
6 pages in this section.
How Pod Security Standards, securityContext, and admission control stack into defense in depth
Pod Security Standards: privileged/baseline/restricted
The shared kernel, the real threat model, and why pod isolation needs defense in depth
runAsNonRoot, readOnlyRootFilesystem, drop capabilities
Enforce restricted in prod namespaces via admission