Skip to content

Commit

Permalink
Merge pull request #860 from splunk/kubernetes-unauthorized-access
Browse files Browse the repository at this point in the history 
Kubernetes unauthorized access
  • Loading branch information
@P4T12ICK
P4T12ICK committed Dec 7, 2023
2 parents 26251e9 + 9f2859c commit 283f3ed
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 0 deletions.
3 changes: 3 additions & 0 deletions ...ttack_techniques/T1204/kubernetes_unauthorized_access/kubernetes_unauthorized_access.json
View file
Git LFS file not shown
11 changes: 11 additions & 0 deletions ...attack_techniques/T1204/kubernetes_unauthorized_access/kubernetes_unauthorized_access.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
author: Patrick Bareiss
id: 4db6594e-9e8c-4223-8681-262d06b4b4d3
date: '2023-12-07'
description: Kubernetes audit logs which contains a forbidden access to a namespace.
environment: attack_range
dataset:
- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1204/kubernetes_unauthorized_access/kubernetes_unauthorized_access.json
sourcetypes:
- aws:cloudwatchlogs
references:
- https://attack.mitre.org/techniques/T1204

0 comments on commit 283f3ed

Please sign in to comment.