Using eBPF Superpowers to Generate Kubernetes Security Policies

Explore the power of eBPF in generating Kubernetes security policies in this 40-minute conference talk from KubeCon + CloudNativeCon Europe 2023. Dive into the challenges of defining security mechanisms for Kubernetes applications, including network policies, seccomp profiles, and security contexts. Learn about innovative eBPF-based tools like Inspektor Gadget, Kubernetes Security Profiles Operator, and oci-seccomp-bpf-hook that can automatically generate these policies by monitoring application events. Discover the limitations of this approach, future developments in the field, and methods for auditing applications to ensure compliance with security policies. Gain valuable insights from Microsoft experts Mauricio Vásquez Bernal and Alban Crequy on enhancing Kubernetes security through automated policy generation.