• consider adding a warning when the default Istio outbound traffic mode (ALLOW_ANY) is used in the absence of sidecar resources (and it adds connectivity to dns peers for example)
• Should serviceEntry (dns) peers be excluded from analysis in certain cases? e.g. kube-system pods are generally not part of the istio mesh

#476 (comment)

#476 (comment)