Product
This analytic detects suspicious image pulling in Kubernetes environments by monitoring Kubernetes audit logs for image pull requests that do not match a predefined list of allowed images, potentially indicating malicious software deployment or system infiltration.