- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Tactic:
Detect successful exploits of the command injection vulnerability.
Run a heuristic in the library (rule rasp-932-100
) to monitor shell command execution.
When the command executed appears to be controlled by the user (and that the control doesn’t appear legitimate), those specific commands are highlighted.
Since the exploit is proven and the attacker may be taking over the underlying infrastructure, the severity of the signal is set to CRITICAL
.
rasp-932-100
to blocking mode to prevent exploitation.