Suspicious activity

EKS Cluster with Execution:Kubernetes/ExecInKubeSystemPod GuardDuty Alert Found

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

A command was executed in a pod within the kube-system namespace using Kubernetes exec API.
  • Recommended Mitigation

    It is recommended to restrict the access to the cluster and attend any additional alerts linked to it.