diff --git a/attack-tracks/workload-unauthenticated-service.json b/attack-tracks/workload-unauthenticated-service.json
new file mode 100644
index 00000000..42fddd22
--- /dev/null
+++ b/attack-tracks/workload-unauthenticated-service.json
@@ -0,0 +1,27 @@
+{
+    "apiVersion": "regolibrary.kubescape/v1alpha1",
+    "kind": "AttackTrack",
+    "metadata": {
+        "name": "workload-unauthenticated-service"
+    },
+    "spec": {
+        "version": "1.0",
+        "data": {
+            "name": "Initial Access",
+            "description": "An attacker can access the Kubernetes environment.",
+            "subSteps": [
+                {
+                    "name": "Execution (Vulnerable Image)",
+                    "description": "An attacker can execute malicious code by exploiting vulnerable images.",
+                    "checksVulnerabilities": true,
+                    "subSteps": [
+                        {
+                            "name": "Data Collection",
+                            "description": "An attacker can gather data."
+                        }
+                    ]
+                }
+            ]
+        }
+    }
+}
\ No newline at end of file
diff --git a/controls/C-0274-unauthenticatedservice.json b/controls/C-0274-unauthenticatedservice.json
index 17d4e11b..d199fb92 100644
--- a/controls/C-0274-unauthenticatedservice.json
+++ b/controls/C-0274-unauthenticatedservice.json
@@ -11,7 +11,7 @@
         ],
         "attackTracks": [
             {
-                "attackTrack": "workload-external-track",
+                "attackTrack": "workload-unauthenticated-service",
                 "categories": [
                     "Data Collection"
                 ]