Findings
Generator
Configuration
Lucidum Reverse
Architecture
Statistics
← All Findings
Vendor:
Wiz
FIN-728
Weight:
5
4
3
2
1
Confidence:
High
Medium
Low
Not Verified
What It Detects
A privileged container is running on an asset where logging is not enabled. This creates a dangerous blind spot: the most severe container security misconfiguration exists with no audit trail or monitoring to detect exploitation. An attacker who compromises this container can escape to the host, install backdoors, and move laterally without generating any logged evidence. Incident response and forensics become extremely difficult without logging data.
MITRE ATT&CK Techniques
Comma-separated, e.g. T1078, T1190
Checks
read-only
Field
Operator
Value
Connectors
match
Wiz
Extra Data
and
[{'key': 'Key', 'value': 'wiz.no_privileged_container', 'operator': 'match'}, {'key': 'Value', 'value': 0, 'operator': 'match'}]
Logging Enabled (True/False)
==
0
Remediation
×
×
×
×
×
+ Add item
Why It Matters
×
×
×
×
+ Add item
Save Changes
Export Lucidum