Your host firewall is still your first line of defense
Everyone in our team was obsessed with the network layer. We had Calico policies locked down tight. Every Kubernetes namespace tagged. VPC flow logs streaming into our SIEM. We were proud of it. Then …