For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Postman
PricingEnterprise
Contact SalesSign InSign Up for Free
HomeDocs
HomeDocs
      • Overview
      • Debug with Insights
      • Customize Insights
      • Uninstall Insights Agent
        • Overview
        • Access
        • Redactions
        • Repro mode security
        • DaemonSet security
      • FAQ
Postman API Platform

Product

  • Postman Overview
  • Enterprise
  • Spec Hub
  • Flows
  • Agent Mode
  • API Catalog
  • Fern
  • Postman CLI
  • Integrations
  • Workspaces
  • Plans and pricing

API Network

  • App Security
  • Artificial Intelligence
  • Communication
  • Data Analytics
  • Database
  • Developer Productivity
  • DevOps
  • Ecommerce
  • eSignature
  • Financial Services
  • Payments
  • Travel

Resources

  • Postman Docs
  • Academy
  • Community
  • Templates
  • Intergalactic
  • Videos
  • MCP Servers

Legal and Security

  • Legal Terms Hub
  • Terms of Service
  • Postman Product Terms
  • Security
  • Website Terms of Use

Company

  • About
  • Careers and culture
  • Contact us
  • Partner program
  • Customer stories
  • Student programs
  • Press and media
Twitter iconLinkedIn iconGithub iconYouTube iconInstagram iconDiscord icon
Download Postman
Privacy Policy

© 2026 Postman, Inc.

Postman InsightsData handling

DaemonSet security considerations

|View as Markdown|Open in Claude|
Was this page helpful?
Previous

Repro Mode security considerations

Next

Postman Insights reference

Built with

DaemonSet (multi-namespace) uses the Kubernetes API and the Container Runtime Interface (CRI) to obtain information on the running pods and containers. This includes environment variables, which may contain authentication credentials or other secrets. If the Postman Insights Agent is compromised, these values can be exfiltrated.

The CRI also has no read-only mode. The permissions allow the Postman Insights Agent to start containers and evade the usual monitoring capabilities imposed at the Kubernetes layer.

The CRI defines the main gRPC protocol for the communication between the node components kubelet and container runtime.

While installing the agent, Postman creates a service account and assigns a cluster role to that service. The Insights Agent then belongs to this service account. This role only has the Kubernetes default view access.

This represents the same access that Kubernetes monitoring tools like Datadog or New Relic agents use.