Escape to Host
Adversaries may break out of a container or virtualized environment to gain access to the underlying host. This can allow an adversary access to other containerized or virtualized resources from the host level or to the host itself. In principle, containerized / virtualized resources should provide a clear separation of application functionality and be isolated from the host environment.(Citation: Docker Overview) There are multiple ways an adversary may escape from a container to a host enviro...
BY SOURCE
PROCEDURES (21)
Auto-extracted: 6 detections for privilege
Auto-extracted: 5 detections for privilege
Auto-extracted: 4 detections for general monitoring
Auto-extracted: 3 detections for lateral
Auto-extracted: 2 detections for suspicious
Auto-extracted: 2 detections for service
Auto-extracted: 1 detections for parent process
Auto-extracted: 1 detections for persist
Auto-extracted: 1 detections for bypass
Auto-extracted: 1 detections for process creation monitoring
Auto-extracted: 1 detections for service
Auto-extracted: 1 detections for token
Auto-extracted: 1 detections for suspicious
Auto-extracted: 1 detections for kubernetes
Auto-extracted: 1 detections for lateral
Auto-extracted: 1 detections for privilege
Auto-extracted: 1 detections for privilege
Auto-extracted: 1 detections for lateral
Auto-extracted: 1 detections for parent process
Auto-extracted: 1 detections for kubernetes
Auto-extracted: 1 detections for kubernetes