Container Residence Discovery Via Proc Virtual FS (746c86fb-ccda-4816-8997-01386263acc4)
Detects potential container discovery via listing of certain kernel features in the "/proc" virtual filesystem
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Container Residence Discovery Via Proc Virtual FS (746c86fb-ccda-4816-8997-01386263acc4) | Sigma-Rules | System Information Discovery - T1082 (354a7f88-63fb-41b5-a801-ce3b377b36f1) | Attack Pattern | 1 |