EXPLORE
← Back to Explore
T1648

Serverless Execution

Adversaries may abuse serverless computing, integration, and automation services to execute arbitrary code in cloud environments. Many cloud providers offer a variety of serverless resources, including compute engines, application integration services, and web servers. Adversaries may abuse these resources in various ways as a means of executing arbitrary commands. For example, adversaries may use serverless functions to execute malicious code, such as crypto-mining malware (i.e. [Resource Hij...

SaaSIaaSOffice Suite
10
Detections
1
Sources
0
Threat Actors

BY SOURCE

10elastic

PROCEDURES (7)

Persist3 detections

Auto-extracted: 3 detections for persist

General Monitoring2 detections

Auto-extracted: 2 detections for general monitoring

Credential1 detections

Auto-extracted: 1 detections for credential

Aws1 detections

Auto-extracted: 1 detections for aws

Cloud1 detections

Auto-extracted: 1 detections for cloud

Credential1 detections

Auto-extracted: 1 detections for credential

Event Log1 detections

Auto-extracted: 1 detections for event log

DETECTIONS (10)