Restrict exec commands on pods
Info
ID: MS-M9010
MITRE mitigation: -
Restrict running the Kubernetes `exec` command on sensitive or production containers using an admission controller. This can prevent attackers from running malicious code on containers in cases where the `pods/exec` permission was obtained.
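
The following is an added example, not part of the original page: the decision function of a validating admission webhook that denies `pods/exec` requests in protected namespaces. The namespace names, the break-glass group and the function names are assumptions made for illustration, and the sample request is constructed.

```python
# Assumptions for this example (not from the page): which namespaces count as
# sensitive/production, and which group may still exec (break-glass).
PROTECTED_NAMESPACES = frozenset({"prod", "payments"})
BREAK_GLASS_GROUPS = frozenset({"break-glass-admins"})
BLOCKED_SUBRESOURCES = frozenset({"exec"})


def review(admission_review: dict) -> dict:
    """Build the admission.k8s.io/v1 AdmissionReview response for one request."""
    req = admission_review["request"]
    resource = req.get("resource", {})
    # kubectl exec reaches admission as CONNECT on the pods/exec subresource.
    is_pod_exec = (
        req.get("operation") == "CONNECT"
        and resource.get("group", "") == ""
        and resource.get("resource") == "pods"
        and req.get("subResource") in BLOCKED_SUBRESOURCES
    )
    groups = set(req.get("userInfo", {}).get("groups", []))
    denied = (
        is_pod_exec
        and req.get("namespace") in PROTECTED_NAMESPACES
        and not (groups & BREAK_GLASS_GROUPS)
    )
    response = {"uid": req["uid"], "allowed": not denied}
    if denied:
        response["status"] = {
            "code": 403,
            "message": f"exec into pods in namespace {req['namespace']} is restricted",
        }
    return {"apiVersion": "admission.k8s.io/v1", "kind": "AdmissionReview",
            "response": response}


def sample_request(namespace, sub_resource="exec", groups=("system:authenticated",)):
    """Constructed AdmissionReview shaped like the one sent for `kubectl exec`."""
    return {
        "apiVersion": "admission.k8s.io/v1",
        "kind": "AdmissionReview",
        "request": {
            "uid": "00000000-0000-0000-0000-000000000001",
            "resource": {"group": "", "version": "v1", "resource": "pods"},
            "subResource": sub_resource,
            "operation": "CONNECT",
            "namespace": namespace,
            "name": "web-0",
            "userInfo": {"username": "dev@example.com", "groups": list(groups)},
        },
    }
```

For this logic to be consulted, the webhook serving it has to be registered in a ValidatingWebhookConfiguration whose rule matches operation `CONNECT` on resource `pods/exec`.
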
Techniques Addressed by Mitigation
ID | Name | Use |
---|---|---|
MS-TA9006 | Exec into container | Restrict exec commands on pods using an admission controller. |
MS-TA9041 | Collecting data from pod | Restrict checkpoint and other commands on pods using an admission controller. |