Extending Non-Repudiable Logs with eBPF
Offered By: Linux Plumbers Conference via YouTube
Course Description
Overview
Explore how eBPF can enhance non-repudiable logging in the Linux kernel to improve system integrity attestation. Learn about an extensible interface that allows user-defined programs to leverage TPM-based non-repudiable logging for any kernel data accessible to eBPF programs. Discover how this approach enables more granular system integrity verification through the wide variety of eBPF hook locations. Examine a practical application of this technique in measuring and storing container image digests to verify and attest container integrity. Gain insights into the exciting future of eBPF in security and trust, and its potential for various use cases.
Syllabus
Extending Non-Repudiable Logs with eBPF - Avery Blanchard, George Almasi
Taught by
Linux Plumbers Conference
Related Courses
Maintaining Deployment Security in Microsoft AzurePluralsight Microsoft Azure Security Engineer: Configure Advanced Security for Compute
Pluralsight Microsoft Azure Security Technologies (AZ-500) Cert Prep: 2 Implement Platform Protection
LinkedIn Learning Securing Containers and Kubernetes Ecosystem
LinkedIn Learning Performing DevSecOps Automated Security Testing
Pluralsight