
Summary
The Kubernetes Pod Attached To Host Network detection monitors for the creation of pods that use the host's network namespace. This configuration allows a pod to intercept all network traffic and communicate within the host's network, creating security risks such as exposure of sensitive data. Attackers who leverage this capability can capture secrets or exploit network vulnerabilities. The rule is tested against multiple cloud environments to ensure that it detects potentially malicious activity in which users create pods with `hostNetwork: true`. The runbook provides a methodology for establishing baseline behaviors and investigating anomalies in pod creation events over a review period.
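The matching and baselining described above can be sketched over Kubernetes API server audit events. This is an added example, not the rule's own logic or the runbook's queries: it assumes the audit policy records pod requests at `Request` level or higher (so `requestObject` is present), the baseline key of (user, namespace) is an assumption, and every user, namespace and pod name in the sample is constructed.

```python
import json

# Constructed audit events (one JSON object per line); every name is made up.
SAMPLE_AUDIT_LOG = """
{"stage":"ResponseComplete","verb":"create","user":{"username":"system:serviceaccount:kube-system:daemon-set-controller"},"objectRef":{"resource":"pods","namespace":"kube-system"},"requestObject":{"metadata":{"generateName":"cni-agent-"},"spec":{"hostNetwork":true}},"responseStatus":{"code":201},"requestReceivedTimestamp":"2026-01-10T08:00:00.000000Z"}
{"stage":"ResponseComplete","verb":"create","user":{"username":"system:serviceaccount:kube-system:daemon-set-controller"},"objectRef":{"resource":"pods","namespace":"kube-system"},"requestObject":{"metadata":{"generateName":"cni-agent-"},"spec":{"hostNetwork":true}},"responseStatus":{"code":201},"requestReceivedTimestamp":"2026-02-10T09:30:00.000000Z"}
{"stage":"RequestReceived","verb":"create","user":{"username":"dev-alice"},"objectRef":{"resource":"pods","namespace":"default"},"requestReceivedTimestamp":"2026-02-12T14:03:11.000000Z"}
{"stage":"ResponseComplete","verb":"create","user":{"username":"dev-alice"},"objectRef":{"resource":"pods","namespace":"default"},"requestObject":{"metadata":{"name":"debug-net"},"spec":{"hostNetwork":true}},"responseStatus":{"code":201},"requestReceivedTimestamp":"2026-02-12T14:03:11.000000Z"}
{"stage":"ResponseComplete","verb":"create","user":{"username":"dev-alice"},"objectRef":{"resource":"pods","namespace":"default"},"requestObject":{"metadata":{"name":"web"},"spec":{"containers":[]}},"responseStatus":{"code":201},"requestReceivedTimestamp":"2026-02-12T15:00:00.000000Z"}
{"stage":"ResponseComplete","verb":"create","user":{"username":"dev-bob"},"objectRef":{"resource":"pods","namespace":"default"},"requestObject":{"metadata":{"name":"sniff"},"spec":{"hostNetwork":true}},"responseStatus":{"code":403},"requestReceivedTimestamp":"2026-02-13T10:00:00.000000Z"}
"""

def host_network_pod_creations(lines):
    """Yield (timestamp, user, namespace, pod) for successful hostNetwork pod creates."""
    for line in filter(str.strip, lines):
        ev = json.loads(line)
        ref = ev.get("objectRef") or {}
        obj = ev.get("requestObject") or {}   # needs audit level Request or higher
        meta = obj.get("metadata") or {}
        if (ev.get("stage") == "ResponseComplete"          # one record per request
                and ev.get("verb") == "create"
                and ref.get("resource") == "pods"
                and not ref.get("subresource")             # skip pods/exec, pods/binding
                and (obj.get("spec") or {}).get("hostNetwork") is True
                and 200 <= (ev.get("responseStatus") or {}).get("code", 0) < 300):
            yield (ev["requestReceivedTimestamp"], ev["user"]["username"],
                   ref.get("namespace"), meta.get("name") or meta.get("generateName"))

def triage(lines, review_start):
    """Split hits into a baseline of (user, namespace) pairs and review-period anomalies."""
    baseline, anomalies = set(), []
    # Same-format UTC timestamps sort and compare correctly as strings.
    for ts, user, ns, pod in sorted(host_network_pod_creations(lines), key=lambda h: h[0]):
        if ts < review_start:
            baseline.add((user, ns))
        elif (user, ns) not in baseline:
            anomalies.append((ts, user, ns, pod))
    return baseline, anomalies

if __name__ == "__main__":
    known, odd = triage(SAMPLE_AUDIT_LOG.splitlines(), "2026-02-01T00:00:00.000000Z")
    for hit in odd:
        print("investigate:", hit)
```

The denied request from `dev-bob` is dropped because no pod was created; a deployment that also wants to see blocked attempts would report non-2xx responses as a separate signal.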
Categories
- Kubernetes
- Cloud
- Infrastructure
Data Sources
- Pod
- Network Traffic
- Container
- Cloud Service
ATT&CK Techniques
- T1611
Created: 2026-02-18