Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Verifying and Signing EBPF Programs with Inspektor Gadget

Linux Foundation via YouTube

Overview

Explore the security implications and enhancements of eBPF programs through a comprehensive examination of Inspektor Gadget's verification and signing capabilities. Delve into the widespread use of eBPF in monitoring and observability, while addressing potential system behavior modifications and associated vulnerabilities. Learn how Inspektor Gadget, an eBPF tool and systems inspection framework for Kubernetes, containers, and Linux hosts, packages eBPF programs as OCI images to improve security. Discover the implementation of cosign for signing OCI images in CI pipelines and verifying them at runtime, effectively denying execution of unsigned images. Gain insights into leveraging Inspektor Gadget to sign and verify eBPF programs with custom private keys, ultimately enhancing overall security by restricting execution to signed programs only.

Syllabus

Verifying and Signing EBPF Programs with Inspektor Gadget - Francis Laniel, Microsoft

Taught by

Linux Foundation

Reviews

Start your review of Verifying and Signing EBPF Programs with Inspektor Gadget

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.