From Observability to Enforcement: Lessons Learned Implementing eBPF Runtime Security
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Explore a 42-minute conference talk that delves into the evolution from security observability to enforcement using eBPF in cloud native environments. Learn how eBPF technology is being implemented across runtime security tools like Falco, KubeArmor, and Tetragon for kernel-level security event collection. Discover the Tetragon team's journey in transitioning from retroactive attack detection to proactive attack prevention, covering crucial aspects of security model definition and the hardening of kernel-Kubernetes system interactions. Gain deep technical insights into eBPF-based enforcement mechanisms, understand how they differ from traditional observability approaches, and explore implementation challenges. Master the inner workings of eBPF-based runtime security while learning to navigate common pitfalls in implementation.
Syllabus
From Observability to Enforcement: Lessons Learned Implement... Anna Kapuścińska & Kornilios Kourtis
Taught by
CNCF [Cloud Native Computing Foundation]