Restrict exec commands on pods

Info

ID: MS-M9010
MITRE mitigation: -

Restrict running the Kubernetes exec command on sensitive/production containers using an admission controller. This can prevent attackers from running malicious code on containers in cases where the pods/exec permission was obtained.
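One way to express this restriction is the decision logic of a validating admission webhook, sketched below as an added example (not code from the threat matrix or from Kubernetes). The namespace names, function names and sample request are assumptions, and blocking pods/attach as well as pods/exec goes beyond the exec case named above.

```python
# Added example: decision logic of a validating admission webhook.
# Namespace names and the sample request are constructed for illustration.
PROTECTED_NAMESPACES = {"prod", "payments"}  # assumption: the sensitive namespaces
BLOCKED_SUBRESOURCES = {"exec", "attach"}    # attach goes beyond the page's exec


def review_exec(admission_review: dict) -> dict:
    """Build the AdmissionReview response for one request from the API server."""
    req = admission_review.get("request") or {}
    resource = (req.get("resource") or {}).get("resource")
    blocked = (
        req.get("operation") == "CONNECT"          # exec/attach arrive as CONNECT
        and resource == "pods"
        and req.get("subResource") in BLOCKED_SUBRESOURCES
        and req.get("namespace") in PROTECTED_NAMESPACES
    )
    response = {"uid": req.get("uid", ""), "allowed": not blocked}
    if blocked:
        user = (req.get("userInfo") or {}).get("username", "unknown")
        response["status"] = {
            "code": 403,
            "message": f"pods/{req['subResource']} on {req['namespace']}/"
                       f"{req.get('name')} denied for {user}",
        }
    return {"apiVersion": "admission.k8s.io/v1", "kind": "AdmissionReview",
            "response": response}


def sample_request(namespace: str, sub_resource: str, operation: str = "CONNECT") -> dict:
    """Constructed AdmissionReview, shaped like what the API server sends."""
    return {
        "apiVersion": "admission.k8s.io/v1",
        "kind": "AdmissionReview",
        "request": {
            "uid": "constructed-uid-1",
            "operation": operation,
            "resource": {"group": "", "version": "v1", "resource": "pods"},
            "subResource": sub_resource,
            "namespace": namespace,
            "name": "web-0",
            "userInfo": {"username": "alice@example.com"},
            "object": {"kind": "PodExecOptions", "command": ["sh"]},
        },
    }


if __name__ == "__main__":
    for ns in ("prod", "dev"):
        print(ns, review_exec(sample_request(ns, "exec"))["response"])
```

The API server only sends these requests to the webhook if its ValidatingWebhookConfiguration rule lists the CONNECT operation and the pods/exec and pods/attach resources.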

Techniques Addressed by Mitigation

| ID | Name | Use |
|----|------|-----|
| MS-TA9006 | Exec into container | Restrict exec commands on pods using an admission controller. |
| MS-TA9041 | Collecting data from pod | Restrict checkpoint and other commands on pods using an admission controller. |