<<< Hide Navigation Hide TOC >>>

Kubernetes Admission Controller Modification (eed82177-38f5-4299-8a76-098d50d225ab)

Detects when a modification (create, update or replace) action is taken that affects mutating or validating webhook configurations, as they can be used by an adversary to achieve persistence or exfiltrate access credentials.

Rows: 4

Loading extensions...

Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, [empty], [nonempty], rgx:
Learn more

---

TableFilter v0.7.2

https://www.tablefilter.com/
©2015-2025 Max Guglielmi

Close

?

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
	Clear Attack Pattern		Clear Attack Pattern Sigma-Rules	Clear 1 2
Unsecured Credentials - T1552 (435dfb86-2697-4867-85b5-2fef496c0517)	Attack Pattern	Kubernetes Admission Controller Modification (eed82177-38f5-4299-8a76-098d50d225ab)	Sigma-Rules	1
Valid Accounts - T1078 (b17a1a56-e99c-403c-8948-561df0cffe81)	Attack Pattern	Kubernetes Admission Controller Modification (eed82177-38f5-4299-8a76-098d50d225ab)	Sigma-Rules	1
Container API - T1552.007 (f8ef3a62-3f44-40a4-abca-761ab235c436)	Attack Pattern	Kubernetes Admission Controller Modification (eed82177-38f5-4299-8a76-098d50d225ab)	Sigma-Rules	1
Unsecured Credentials - T1552 (435dfb86-2697-4867-85b5-2fef496c0517)	Attack Pattern	Container API - T1552.007 (f8ef3a62-3f44-40a4-abca-761ab235c436)	Attack Pattern	2