Description:

Goal Summary:

Right now we can manually create network policies to isolate user namespaces from external connectivity if the vulnerabilities in that namespace or deployment pass certain thresholds. We would like to be able to do this automatically in ACS - define time and cvss score thresholds and then isolate only non-openshift namespaces or deployments that cross those thresholds. With a notification option via web hook and email. With some sort of exception process so mission critical applications are not affected.

A list of specific, measurable criteria that will be used to determine if
the feature is successful. Include key performance indicators (KPIs) or
other metrics., etc. Initial completion during Refinement status.

<enter success criteria and/or KPIs here>