Currently, the docs (README, CRD) does not specifically emphasize risks associated with relaxed default configs. For example, running the eBPF agent as privileged unlocks more features, but that comes at the price of a less secure design, which isn't called out.
Review README & CRD docs to identify potential relaxed security configs, and document accordingly. This includes: privileged agent, netpol install, TLS/SASL config, Loki/Prometheus authentication...
Currently, the docs (README, CRD) does not specifically emphasize risks associated with relaxed default configs. For example, running the eBPF agent as privileged unlocks more features, but that comes at the price of a less secure design, which isn't called out.
Review README & CRD docs to identify potential relaxed security configs, and document accordingly. This includes: privileged agent, netpol install, TLS/SASL config, Loki/Prometheus authentication...