Securing the edge: Harnessing Falco's power with Elastic Security for cloud workload protection
Common Information
Type Value
UUID 93566849-31ab-493e-ab10-cb1e162c0f2b
Fingerprint 3af4d38ce9a13a00
Analysis status DONE
Considered CTI value 0
Text language
Published Nov. 15, 2024, midnight
Added to db Nov. 15, 2024, 5:39 p.m.
Last updated Nov. 17, 2024, 7:44 p.m.
Headline Securing the edge: Harnessing Falco's power with Elastic Security for cloud workload protection
Title Securing the edge: Harnessing Falco's power with Elastic Security for cloud workload protection
Detected Hints/Tags/Attributes 62/2/26
RSS Feed
Id 305
Enabled
Feed title Elastic Blog - Elasticsearch, Kibana, and ELK Stack
Url https://www.elastic.co/blog/feed
Added to db 2024-08-30 22:08
Attributes
Type #Events CTI Value
Domain 4 app.kubernetes.io
Domain 8 rule.name
Domain 11 fd.name
Domain 21 process.parent.name
Domain 1 process.user.id
Domain 24 container.name
Domain 71 kubernetes.io
Domain 4127 github.com
Domain 3 panix.sh
File 1 falcosidekick.config
File 49 process.exe
File 32 ca.crt
Github username 2 aegrah
sha256 1 56a42e3ce894a8962a74eda57914ea24fd674b5102c2abb48a2ab5a47ac70d10
IPv4 1 192.168.211.143
IPv4 1 192.168.211.131
IPv4 1 192.168.22.123
IPv4 7 192.168.1.124
IPv4 619 0.0.0.0
IPv4 2 192.168.49.2
IPv4 3 10.96.0.1
IPv4 1441 127.0.0.1
IPv4 14 172.17.0.2
Url 1 http://192.168.22.123:3000/?cmd=bash
Url 3 https://kubernetes.default.svc
Url 1 https://github.com/aegrah/panix/releases/download/panix-v1.0.0/panix.sh