<<< Hide Navigation Hide TOC >>>

Kubernetes Admission Controller Modification (eed82177-38f5-4299-8a76-098d50d225ab)

Detects when a modification (create, update or replace) action is taken that affects mutating or validating webhook configurations, as they can be used by an adversary to achieve persistence or exfiltrate access credentials.

Rows: 4

Loading extensions...

Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

---

TableFilter v0.7.2

https://www.tablefilter.com/
©2015-2025 Max Guglielmi

Close

?

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
	Clear Attack Pattern Sigma-Rules		Clear Attack Pattern Sigma-Rules	Clear 1 2
Valid Accounts - T1078 (b17a1a56-e99c-403c-8948-561df0cffe81)	Attack Pattern	Kubernetes Admission Controller Modification (eed82177-38f5-4299-8a76-098d50d225ab)	Sigma-Rules	1
Container API - T1552.007 (f8ef3a62-3f44-40a4-abca-761ab235c436)	Attack Pattern	Kubernetes Admission Controller Modification (eed82177-38f5-4299-8a76-098d50d225ab)	Sigma-Rules	1
Kubernetes Admission Controller Modification (eed82177-38f5-4299-8a76-098d50d225ab)	Sigma-Rules	Unsecured Credentials - T1552 (435dfb86-2697-4867-85b5-2fef496c0517)	Attack Pattern	1
Container API - T1552.007 (f8ef3a62-3f44-40a4-abca-761ab235c436)	Attack Pattern	Unsecured Credentials - T1552 (435dfb86-2697-4867-85b5-2fef496c0517)	Attack Pattern	2