When a container is allowed to share its host's network namespace, it can access local network listeners and leverage it to probe the host's local network.
Targeted resources by this rule (types of kind): Deployment / Pod / DaemonSet / StatefulSet / ReplicaSet / CronJob / Job
Enabled by default? False
Policy as code identifier: CONTAINERS_INCORRECT_HOSTNETWORK_VALUE_TRUE
If hostNetwork is set to true
Set the hostNetwork to false or remove it completely