Explore the security implications and enhancements of eBPF programs through a comprehensive examination of Inspektor Gadget's verification and signing capabilities. Delve into the widespread use of eBPF in monitoring and observability, while addressing potential system behavior modifications and associated vulnerabilities. Learn how Inspektor Gadget, an eBPF tool and systems inspection framework for Kubernetes, containers, and Linux hosts, packages eBPF programs as OCI images to improve security. Discover the implementation of cosign for signing OCI images in CI pipelines and verifying them at runtime, effectively denying execution of unsigned images. Gain insights into leveraging Inspektor Gadget to sign and verify eBPF programs with custom private keys, ultimately enhancing overall security by restricting execution to signed programs only.
Verifying and Signing EBPF Programs with Inspektor Gadget
Overview
Syllabus
Verifying and Signing EBPF Programs with Inspektor Gadget - Francis Laniel, Microsoft
Taught by
Linux Foundation
Tags
Related Courses
-
Using eBPF Superpowers to Generate Kubernetes Security Policies
-
Generating Security Policies with eBPF - Hands-on Walkthrough
-
Klustered: eBPF Edition - Debugging Kubernetes with Advanced Tools
-
Powering Observability with Simple, Sharable, eBPF Programs
-
L3AF - Complete Lifecycle Management of eBPF Programs
-
Orchestrating eBPF Programs in Kubernetes
