Explore the innovative use of eBPF for securing GitHub Actions in this conference talk by Jose Donizetti and Itay Shakury from Aqua Security. Delve into the world of supply chain security and learn how eBPF-based profiling can be leveraged to verify software builds and protect against malicious attacks. Discover the evolution of this solution, built on top of the open-source runtime security tool Tracee, which was developed in response to the widespread codecov hack. Gain valuable insights into the lessons learned since the initial release of this protective measure for build pipelines. Understand the importance of securing CI/CD processes and how eBPF technology can be applied to enhance the security of GitHub Actions, one of the most popular platforms for building and releasing software.
Overview
Syllabus
Verifiable GitHub Actions with eBPF - Jose Donizetti & Itay Shakury, Aqua Security
Taught by
CNCF [Cloud Native Computing Foundation]
