How to Secure Your Containers from TeamTNT’s Docker Gatling Gun Campaign

Aqua describes TeamTNT’s active Docker Gatling Gun campaign targeting cloud-native environments, detailing rapid internet-wide scanning, container escape techniques, credential/token harvesting, and resource hijacking; the document combines threat analysis with guidance on using Aqua Runtime Protection policies (e.g., blocking fileless execution and enforcing runtime controls) to detect and mitigate these attacks.