Set up automated vulnerability scanning of all ingresses
Basic health checks should include periodic vulnerability checks, and the best way to do those checks is by running a vulnerability scanner against, at the very least, the externally available websites that are being hosted. There are great tools for this, like Nikto and ZAP that would easily support being run periodically.
As a first phase, this could be done with a static (configurable) list of Ingresses Then, this could be done using the kubernetes API to pull the existing ingresses and generate the ingresses to scan before scanning them.
As a P1 this should store the resulting report to NFS. As P2, this could send an email to me every day.
This is also possibly a good opportunity to learn about CronJobs