← Back to Explore
T1053.007
Container Orchestration Job
Adversaries may abuse task scheduling functionality provided by container orchestration tools such as Kubernetes to schedule deployment of containers configured to execute malicious code. Container orchestration jobs run these automated tasks at a specific date and time, similar to cron jobs on a Linux system. Deployments of this type can also be configured to maintain a quantity of containers over time, automating the process of maintaining persistence within a cluster. In Kubernetes, a CronJo...
Containers
3
Detections
2
Sources
0
Threat Actors
BY SOURCE
2splunk_escu1elastic
PROCEDURES (3)
Service1 detections
Auto-extracted: 1 detections for service
Service1 detections
Auto-extracted: 1 detections for service
Process Creation Monitoring1 detections
Auto-extracted: 1 detections for process creation monitoring