Container escapes — where an attacker breaks out of container isolation to access the host operating system — represent one of the most severe container security risks. Testing covers: privileged container configuration, capability misconfigurations, volume mount security (mounting sensitive host paths), kernel exploit potential, container runtime vulnerabilities, and Kubernetes pod security standard enforcement. A successful escape gives attackers access to all containers on the host and potentially the entire cluster.
Technical
Container Escape Vulnerability Testing: Breaking Out of Docker and Kubernetes Containers for Thai Organizations
Container escapes allow attackers to break out of container isolation and access the host system. This page covers testing container boundary security, with guidance for the Thai (TH) market.
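The configuration checks listed above (privileged mode, added capabilities, sensitive host path mounts, host namespace sharing) can be audited statically from a Pod manifest. The following is an added example, not code from the original page: the function names, the `RISKY_CAPS` and `SENSITIVE_PATHS` lists and both sample manifests are assumptions constructed for illustration.

```python
# Capabilities treated as escape-relevant when added to a container
# (assumed list for this example; align it with your own policy).
RISKY_CAPS = {"SYS_ADMIN", "SYS_PTRACE", "SYS_MODULE", "DAC_READ_SEARCH", "NET_ADMIN", "ALL"}
# Host paths whose exposure inside a container undermines isolation (assumed list).
SENSITIVE_PATHS = ("/", "/proc", "/sys", "/etc", "/var/run/docker.sock",
                   "/run/containerd/containerd.sock", "/var/lib/kubelet")

def is_sensitive(path):
    """True if path is a sensitive host path or lies beneath one."""
    norm = "/" + path.strip("/")
    return any(norm == s or (s != "/" and norm.startswith(s + "/")) for s in SENSITIVE_PATHS)

def audit_pod(pod):
    """Return a list of findings for one Pod manifest given as a dict."""
    spec, findings = pod.get("spec", {}), []
    for flag in ("hostPID", "hostNetwork", "hostIPC"):
        if spec.get(flag):
            findings.append(f"pod: {flag}=true shares a host namespace")
    for vol in spec.get("volumes", []):
        path = (vol.get("hostPath") or {}).get("path")
        if path and is_sensitive(path):
            findings.append(f"volume {vol['name']}: hostPath {path} is sensitive")
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        sc = c.get("securityContext") or {}
        if sc.get("privileged"):
            findings.append(f"container {c['name']}: privileged=true")
        # The restricted Pod Security Standard requires this to be explicitly false.
        if sc.get("allowPrivilegeEscalation", True):
            findings.append(f"container {c['name']}: allowPrivilegeEscalation not false")
        added = {x.upper() for x in (sc.get("capabilities") or {}).get("add") or []}
        for cap in sorted(added & RISKY_CAPS):
            findings.append(f"container {c['name']}: adds capability {cap}")
    return findings

# Constructed sample manifests (not taken from any real cluster).
RISKY = {"spec": {"hostPID": True,
    "volumes": [{"name": "sock", "hostPath": {"path": "/var/run/docker.sock"}},
                {"name": "data", "hostPath": {"path": "/data/app"}}],
    "containers": [{"name": "tool", "securityContext": {
        "privileged": True, "capabilities": {"add": ["SYS_ADMIN", "CHOWN"]}}}]}}
HARDENED = {"spec": {"containers": [{"name": "web", "securityContext": {
    "allowPrivilegeEscalation": False, "capabilities": {"drop": ["ALL"]}}}]}}

if __name__ == "__main__":
    for name, pod in (("risky", RISKY), ("hardened", HARDENED)):
        print(name, audit_pod(pod) or "no findings")
```

This covers manifest-level configuration only; kernel and container runtime vulnerabilities need patch-level checks that a manifest cannot show.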