Kyverno Policies
TIBCO Control Plane follows Kubernetes best practices and Pod Security Standards. Kyverno is a Kubernetes-native policy engine to automate security, compliance, and best practices validation. For more information, see Kyverno documentation.
Note: For TIBCO Flogo and TIBCO BusinessWorks Container Edition applications, you have flexibility to decide on drop "drop-cap-net-raw" and set "require-ro-rootfs" policies based on the application needs. It is configurable during Helm app deployment.