creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-14 15:04:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/detecting-container-escape-attempts/assets/template.md
T

1.3 KiB
Raw Blame History

Container Escape Detection Assessment Template

Environment Information

Field Value
Cluster Name
Container Runtime Docker / containerd / CRI-O
Kernel Version
Runtime Detection Tool Falco / Sysdig / Tetragon
Assessment Date

Escape Surface Inventory

Container Privileged Capabilities Host NS Docker Socket Risk Score
/10

Detection Rules Deployed

Rule Tool Detects Status
Namespace manipulation Falco setns/unshare from container
Docker socket access Falco /var/run/docker.sock read/write
Kernel module loading Falco modprobe/insmod from container
Sensitive proc access Falco /proc/sysrq-trigger, /proc/kcore
Cgroup escape Falco release_agent write
Mount operations auditd mount/umount2 syscalls
Binary replacement FIM runc/containerd binary changes

Findings

Priority Container Risk Factor Score Remediation
P1
P2

Remediation Tracking

Finding Action Required Owner Status Verified
Reference in New Issue View Git Blame Copy Permalink