Product
The rule identifies suspicious usage of unshare to manipulate system namespaces, which can be utilized to escalate privileges or escape container security boundaries.