Feature Request
Resolution: Unresolved
Product / Portfolio Work
- Proposed title of this feature request
compliance-operator CustomRules capability extend to host-level scanning
- What is the nature and description of the request?
One of our customers would like to see this feature included in OpenShift 4.x.
JPMC would like to extend compliance-operator rules. The customer has custom controls that are unique to their organization's security posture and the capability to write custom rules. As we understand it today:
"
CustomRule feature is currently designed for platform-level compliance checks, allowing it to evaluate Kubernetes and OpenShift API resources (like Pods, Roles, and cluster configurations). This capability does not extend to host-level scanning.
"
JPMC has requirements for custom controls specific to the node level, such as verifying that a package does not exist on a node, verifying file permissions, auditing file contents, or inspecting running processes on the host filesystem.
- Why does the customer need this? (List the business requirements here)
The customer has custom controls at both the platform level and the node level.