securityContext
runAsNonRoot
runAsUser
privileged
procMount
allowPrivilegeEscalation
readOnlyRootFilesystem
PodSecurityPolicy
RBAC
NetworkPolicy
seccomp
Linux Capabilities
AppArmor
SELinux
Falco
Open Policy Agent
gVisor
Kata Containers
Nabla Containers
Service Mesh
KubeSec
KubeBench