Description: This query looks for Docker containers that have privileged status.
What The Data Shows: Using the privileged flag gives all Linux kernel capabilities to the container and lifts limitations enforced by the cgroup controller. CIS Benchmarks for running containers recommend that this flag is not used except for very few special use cases. Use this query to identify containers in your environment that have this elevated status and make sure that there is a specific reason that the container need to maintain that status.
SELECT id, name, image, state, started_at