Skip to content

Network mapping


ID: MS-TA9031
Tactic: Discovery
MITRE technique: T1046

Attackers may try to map the cluster network to get information on the running applications, including scanning for known vulnerabilities. By default, there is no restriction on pods communication in Kubernetes. Therefore, attackers who gain access to a single container, may use it to probe the network.


ID Mitigation Description
MS-M9014 Network Segmentation Restrict network between pods using network policies