Nirmata Documentation

Curated Policies
Nirmata Website

Curated Policies

Curated Policies
Pod Security Standards
Baseline profile

Baseline profile

The Baseline profile is aimed at ease of adoption for common containerized workloads while preventing known privilege escalations. It is targeted at application operators and developers of non-critical applications.

Click on each of the controls to know more about them.

disallow-capabilties
disallow-host-namespaces
disallow-host-path
disallow-host-ports
disallow-host-process
disallow-privileged-containers
disallow-proc-mount
disallow-selinux
restrict-apparmor-profiles
restrict-seccomp
restrict-sysctls

Disallow Capabilities

Disallow Host Namespaces

Disallow Host Path

Disallow Host Ports

Disallow Host Process

Disallow Privileged Containers

Disallow Proc Mount

Disallow SELinux

Restrict Apparmor Profiles

Restrict Seccomp

Restrict Sysctls

© 2025 Nirmata Inc.All Rights ReservedPrivacy Policy