Use case cards FIMFile Integrity Monitoring, Prevent write access to systems folders path. Packaging toolsDeny execution of package management tools. Account TokenProtect access to service account token Trusted cert bundleProtect write access to the trusted root certificates bundle. Database accessProtect read/write access to raw database tables from unknown processes. Config dataProtect access to configuration data containing plain text credentials. File CopyPrevent file copy using standard utilities. Network AccessPrevent network access to any processes or selectively enable network access to specific processes. /tmp/ noexecDo not allow execution of binaries from /tmp/ folder. Admin toolsDo not allow execution of administrative/maintenance tools inside the pods. Discovery toolsDo not allow discovery/search of tools/configuration. Logs deleteDo not allow external tooling to delete logs/traces of critical components. ICMP controlDo not allow scanning tools to use ICMP for scanning the network. Was this page helpful? Thanks for your feedback! Thanks for your feedback! Help us improve this page by using our feedback form.