We have graded each check using a system of four possible scores: critical, high, medium, and low.
This scoring system lets you create compliance rules that take action depending on the severity of the violation.
If you want to be reasonably certain that your environment is secure, you should address all critical and high checks.
By default, all critical and high checks are set to alert, and all medium and low checks are set to ignore.
We expect customers to review, but probably never fix, medium and low checks.
There are just a handful of checks graded as critical.
Critical is reserved for checks where a failure means your container environment is exposed to the Internet and can be attacked directly by somebody on the outside.
Critical checks should be addressed immediately.