Clear container logs
Info
ID: MS-TA9021
Tactic: Defense Evasion
MITRE technique: T1070
Attackers may delete the application or OS logs on a compromised container in an attempt to prevent detection of their activity.
Mitigations
| ID | Mitigation | Description |
|---|---|---|
| MS-M9020 | Collect Logs to Remote Data Storage | Collect container logs to a separate storage system. |
| MS-M9016 | Restrict File and Directory Permissions | Restrict access to container logs. |