Explore the evolution and security implications of eBPF (Extended Berkeley Packet Filter) in this 41-minute Black Hat conference talk. Delve into eBPF's progression from a network monitoring tool to a powerful technology for observing various kernel space activities. Learn about its capabilities, potential vulnerabilities, and impact on Linux kernel security. Gain insights from security experts Guillaume Fournier, Sylvain Afchain, and Sylvain Baubeau as they discuss the double-edged nature of eBPF and its significance in modern cybersecurity landscapes.
Overview
Syllabus
With Friends Like eBPF, Who Needs Enemies?
Taught by
Black Hat