Threat actors may break out of a container or virtualized environment (e.g., SDR container) to gain access to the underlying host infrastructure. This allows access to other tenants' data or the provider's management network.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.