MITRE ATT&CK detection coverage

← Back to main site

Home/ MITRE Matrix/ Credential Access/ T1552.007

T1552.007Container API

T1552.007 — Container API is a MITRE ATT&CK technique in the Credential Access tactic. Clankerusecase tracks 5 detection use cases covering it.

Credential Access

View on the matrix → Filter Detection Library MITRE official spec ↗

5Use cases

0Articles

0Sub-techniques

1Tactic

↑ Parent technique: T1552 · Unsecured Credentials

Use cases covering this technique (5)

Kubernetes Secret accessed Internal actions · alerting DD Kubernetes Abuse of Secret by Unusual Location ESCU actions · hunting P Kubernetes Abuse of Secret by Unusual User Agent ESCU actions · hunting P Kubernetes Abuse of Secret by Unusual User Group ESCU actions · hunting P Kubernetes Abuse of Secret by Unusual User Name ESCU actions · hunting P