Seccomp and eBPF: Understanding Container Security and Kernel Access Control

Learn about container security hardening through a 32-minute conference talk exploring Secure Computing (seccomp) and eBPF technologies. Discover how to effectively limit container access to shared Linux kernels in Kubernetes environments by implementing the principle of least privilege. Through live demonstrations, explore and compare these two approaches for restricting system calls, file access, binary execution, and external DNS name resolution for containerized processes. Gain practical insights into choosing the most suitable security solution for your specific environment while understanding the fundamental differences between seccomp and eBPF implementations.