Explore Tetragon, an eBPF-based security observability and runtime enforcement tool, in this comprehensive introduction. Learn about its setup, event tracing capabilities, and policy enforcement features. Dive into topics such as kprobes, simlink, and new pod detection. Discover how to apply tracing policies, utilize the CNL name, and leverage log visualization for enhanced security insights. Gain practical knowledge through demonstrations on filtering techniques and addressing potential indicators of compromise. Understand the importance of BTF selectors and their semantic applications in cloud-native environments.
Overview
Syllabus
Introduction
Tetragon
Setup
Events
Tracing Policy
Kprobes
Enforcement
Simlink
New Pods
Applying a Tracing Policy
Using the CNL Name
Logs
Log Visualization
Conclusion
Filtering
Filtering Demonstration
Questions
Indication of compromise
BTF
Selector Semantic
Taught by
CNCF [Cloud Native Computing Foundation]
