Suspicious activity

EKS Cluster with Execution:Kubernetes/ExecInKubeSystemPod GuardDuty Alert Found

Risk Level

Hazardous (3)

Compliance Frameworks


A command was executed in a pod within the kube-system namespace using Kubernetes exec API.
  • Recommended Mitigation

    It is recommended to restrict the access to the cluster and attend any additional alerts linked to it.