Product

Debian

1 brief RSS

Leveraging Linux Cgroups for Threat Detection and Investigation

This brief outlines how Linux cgroups, a kernel feature for resource management, can be repurposed to provide valuable telemetry for detecting malicious processes, particularly in systemd, Docker, and Kubernetes environments, aiding in investigations of server compromises.

Red Hat Enterprise Linux +5 linux cgroups container kubernetes docker systemd threat-detection

2r 24m ago