AWS ECS Task Definition That Queries The Credential Endpoint (b94bf91e-c2bf-4047-9c43-c6810f43baad)
Detects when an Elastic Container Service (ECS) Task Definition includes a command to query the credential endpoint. This can indicate a potential adversary adding a backdoor to establish persistence or escalate privileges.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| AWS ECS Task Definition That Queries The Credential Endpoint (b94bf91e-c2bf-4047-9c43-c6810f43baad) | Sigma-Rules | Implant Internal Image - T1525 (4fd8a28b-4b3a-4cd6-a8cf-85ba5f824a7f) | Attack Pattern | 1 |