- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Classification:
attack
Tactic:
Technique:
Set up the kubernetes integration.
Identify when a new Kubernetes admission controller is created in the cluster.
Admission controllers can intercept all incoming requests to the API server. An attacker can use them to establish persistence or to access sensitive data (such as secrets) sent to the API server.
This rule identifies when a MutatingWebhookConfiguration
or ValidatingWebhookConfiguration
is created.
{{@usr.id}}
should be creating the admission controller.User Investigation
dashboard to review user actions that occurred after the potentially malicious action.