Container and Resource Discovery
Adversaries may attempt to discover containers and other resources that are available within a containers environment. Other resources may include images, deployments, pods, nodes, and other information such as the status of a cluster. These resources can be viewed within web applications such as the Kubernetes dashboard or can be queried via the Docker and Kubernetes APIs.(Citation: Docker API)(Citation: Kubernetes API) In Docker, logs may leak information about the environment, such as the en...
BY SOURCE
PROCEDURES (27)
Auto-extracted: 3 detections for service
Auto-extracted: 3 detections for token
Auto-extracted: 3 detections for lateral
Auto-extracted: 2 detections for service
Auto-extracted: 2 detections for privilege
Auto-extracted: 2 detections for container
Auto-extracted: 2 detections for credential
Auto-extracted: 2 detections for api
Auto-extracted: 1 detections for remote
Auto-extracted: 1 detections for privilege
Auto-extracted: 1 detections for unusual
Auto-extracted: 1 detections for container
Auto-extracted: 1 detections for exfiltrat
Auto-extracted: 1 detections for container
Auto-extracted: 1 detections for lateral
Auto-extracted: 1 detections for credential
Auto-extracted: 1 detections for lateral
Auto-extracted: 1 detections for token
Auto-extracted: 1 detections for unusual
Auto-extracted: 1 detections for unusual
Auto-extracted: 1 detections for container
Auto-extracted: 1 detections for remote
Auto-extracted: 1 detections for kubernetes
Auto-extracted: 1 detections for privilege
Auto-extracted: 1 detections for exfiltrat
Auto-extracted: 1 detections for api
Auto-extracted: 1 detections for api