open-menu
closeme
File System Debugger Launched Inside a Privileged Container
calendar
Jul 24, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
OS: Linux
Use Case: Threat Detection
Tactic: Privilege Escalation
·
Share on:
twitter
facebook
linkedin
copy
Mount Launched Inside a Privileged Container
calendar
Jul 24, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
OS: Linux
Use Case: Threat Detection
Tactic: Privilege Escalation
·
Share on:
twitter
facebook
linkedin
copy
AWS Credentials Searched For Inside A Container
calendar
May 22, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
OS: Linux
Use Case: Threat Detection
Tactic: Credential Access
·
Share on:
twitter
facebook
linkedin
copy
Container Management Utility Run Inside A Container
calendar
May 22, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
OS: Linux
Use Case: Threat Detection
Tactic: Execution
·
Share on:
twitter
facebook
linkedin
copy
Container Workload Protection
calendar
May 22, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
·
Share on:
twitter
facebook
linkedin
copy
File Made Executable via Chmod Inside A Container
calendar
May 22, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
OS: Linux
Use Case: Threat Detection
Tactic: Execution
Tactic: Defense Evasion
·
Share on:
twitter
facebook
linkedin
copy
Interactive Exec Command Launched Against A Running Container
calendar
May 22, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
OS: Linux
Use Case: Threat Detection
Tactic: Execution
·
Share on:
twitter
facebook
linkedin
copy
Modification of Dynamic Linker Preload Shared Object Inside A Container
calendar
May 22, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
Tactic: Defense Evasion
·
Share on:
twitter
facebook
linkedin
copy
Netcat Listener Established Inside A Container
calendar
May 22, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
OS: Linux
Use Case: Threat Detection
Tactic: Execution
·
Share on:
twitter
facebook
linkedin
copy
Potential Container Escape via Modified notify_on_release File
calendar
May 22, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
OS: Linux
Use Case: Threat Detection
Tactic: Privilege Escalation
·
Share on:
twitter
facebook
linkedin
copy
Potential Container Escape via Modified release_agent File
calendar
May 22, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
OS: Linux
Use Case: Threat Detection
Tactic: Privilege Escalation
·
Share on:
twitter
facebook
linkedin
copy
Sensitive Files Compression Inside A Container
calendar
May 22, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
OS: Linux
Use Case: Threat Detection
Tactic: Collection
Tactic: Credential Access
·
Share on:
twitter
facebook
linkedin
copy
Sensitive Keys Or Passwords Searched For Inside A Container
calendar
May 22, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
OS: Linux
Use Case: Threat Detection
Tactic: Credential Access
·
Share on:
twitter
facebook
linkedin
copy
SSH Authorized Keys File Modified Inside a Container
calendar
May 22, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
OS: Linux
Use Case: Threat Detection
Tactic: Persistence
Tactic: Lateral Movement
·
Share on:
twitter
facebook
linkedin
copy
SSH Connection Established Inside A Running Container
calendar
May 22, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
OS: Linux
Use Case: Threat Detection
Tactic: Initial Access
Tactic: Lateral Movement
·
Share on:
twitter
facebook
linkedin
copy
SSH Process Launched From Inside A Container
calendar
May 22, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
OS: Linux
Use Case: Threat Detection
Tactic: Lateral Movement
Tactic: Persistence
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Interactive Shell Spawned From Inside A Container
calendar
May 22, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
OS: Linux
Use Case: Threat Detection
Tactic: Execution
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Network Tool Launched Inside A Container
calendar
May 22, 2024
·
Data Source: Elastic Defend for Containers
Domain: Container
OS: Linux
Use Case: Threat Detection
Tactic: Discovery
Tactic: Command and Control
Tactic: Reconnaissance
·
Share on:
twitter
facebook
linkedin
copy
to-top