Helm Chart with Falcon CWP (Cloud Workload Protection)

When using the Helm chart with Falcon Cloud Workload Protection (CWP), users may encounter several security-related alerts that can be safely disregarded. These alerts range from medium-priority issues, such as containers running as root and host mounts, through low-priority items, such as missing AppArmor profiles and resource quotas, to one informational item. All of them have been documented and verified as acceptable exceptions.

The following issues have been noted when using the Helm chart with Falcon CWP and can be safely ignored:

  • Container Running As Root (MEDIUM)

  • Container Running With Low UID (MEDIUM)

  • Non Kube System Pod With Host Mount (MEDIUM)

  • Readiness Probe Is Not Configured (MEDIUM)

  • Service Account Token Automount Not Disabled (MEDIUM)

  • Volume Mount With OS Directory Write Permissions (MEDIUM)

  • Workload Mounting With Sensitive OS Directory (MEDIUM)

  • Liveness Probe Is Not Defined (LOW)

  • Missing AppArmor Profile (LOW)

  • Pod or Container Without LimitRange (LOW)

  • Pod or Container Without ResourceQuota (LOW)

  • Secrets As Environment Variables (LOW)

  • Ensure Administrative Boundaries Between Resources (INFO)
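
Suppressing these findings by rule name alone would also hide them on workloads that have nothing to do with the chart. The sketch below is an added example, not Falcon CWP's or the chart's own code: it suppresses a finding only when it comes from the chart's release and matches a listed rule at the listed priority. The finding record fields, the `example-ns` / `example-release` placeholders, and the choice to send a priority mismatch to review are assumptions.

```python
# Added example: scoped triage of the exceptions listed on this page.
# Record layout (rule/severity/namespace/release) is an assumed export format.
KNOWN_EXCEPTIONS = {
    ("Container Running As Root", "MEDIUM"),
    ("Container Running With Low UID", "MEDIUM"),
    ("Non Kube System Pod With Host Mount", "MEDIUM"),
    ("Readiness Probe Is Not Configured", "MEDIUM"),
    ("Service Account Token Automount Not Disabled", "MEDIUM"),
    ("Volume Mount With OS Directory Write Permissions", "MEDIUM"),
    ("Workload Mounting With Sensitive OS Directory", "MEDIUM"),
    ("Liveness Probe Is Not Defined", "LOW"),
    ("Missing AppArmor Profile", "LOW"),
    ("Pod or Container Without LimitRange", "LOW"),
    ("Pod or Container Without ResourceQuota", "LOW"),
    ("Secrets As Environment Variables", "LOW"),
    ("Ensure Administrative Boundaries Between Resources", "INFO"),
}
# Placeholders: replace with the namespace and release the chart is installed as.
CHART_SCOPE = {"namespace": "example-ns", "release": "example-release"}

def triage(finding, scope=CHART_SCOPE):
    """Return (decision, reason); decision is 'suppress' or 'review'."""
    in_scope = (finding.get("namespace") == scope["namespace"]
                and finding.get("release") == scope["release"])
    if not in_scope:
        return "review", "workload is not part of the chart release"
    rule = " ".join(finding.get("rule", "").split())  # normalise whitespace
    severity = finding.get("severity", "").upper()
    if (rule, severity) in KNOWN_EXCEPTIONS:
        return "suppress", "documented exception for this chart"
    if any(rule == known for known, _ in KNOWN_EXCEPTIONS):
        return "review", "priority differs from the documented exception"
    return "review", "rule is not on the documented list"

def _f(rule, severity, namespace, release):
    return dict(rule=rule, severity=severity, namespace=namespace, release=release)

# Constructed sample findings, not real scanner output.
SAMPLE_FINDINGS = [
    _f("Container Running As Root", "MEDIUM", "example-ns", "example-release"),
    _f("Container Running As Root", "MEDIUM", "payments", "api"),
    _f("Secrets As Environment Variables", "HIGH", "example-ns", "example-release"),
    _f("Constructed Rule Not On The List", "HIGH", "example-ns", "example-release"),
]

if __name__ == "__main__":
    for finding in SAMPLE_FINDINGS:
        print(finding["rule"], "->", *triage(finding))
```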