C-0260 - Missing network policy

Framework

ClusterScan, WorkloadScan, SOC2, security

Severity

Medium

Description of the the issue

This control detects workloads that has no NetworkPolicy configured in labels. If a network policy is not configured, it means that your applications might not have necessary control over the traffic to and from the pods, possibly leading to a security vulnerability.

Related resources

ConfigMap, CronJob, DaemonSet, Deployment, Job, NetworkPolicy, Pod, ReplicaSet, StatefulSet

What does this control test

Check that all workloads has a network policy configured in labels.

Remediation

Review the workloads identified by this control and assess whether it's necessary to configure a network policy for them.

Example

No example