YoVDO

Kernel Runtime Security Instrumentation

Offered By: Linux Foundation via YouTube

Tags

Conference Talks Courses System Administration Courses System Security Courses Linux Security Courses eBPF Courses

Course Description

Overview

Explore the concept of Kernel Runtime Security Instrumentation (KRSI) in this 33-minute conference talk by KP Singh from Google. Dive into the extensible Linux Security Module that allows userspace programs and system owners to attach eBPF programs to security hooks. Learn about the need for KRSI, its representative use cases, and how it compares to existing alternatives like Landlock, custom LSMs, and kprobes+eBPF. Examine the proposed design and interfaces, and witness a live demonstration of KRSI in action. Gain insights into signaling, mitigation strategies, and other relevant signals in kernel security. Understand the underlying structure of LSM and explore various alternatives through case studies and discussions.

Syllabus

Introduction
Signaling and Mitigation
Other Signals
Medications
How does it work
VNeck
LSM
Structure
Alternatives
Case Study
Discussion


Taught by

Linux Foundation

Tags

Related Courses

Analyzing Postgres Performance Problems Using Perf and eBPF
Microsoft via YouTube Citus Con - An Event for Postgres - Americas Livestream
Microsoft via YouTube EBPF - The Next Power Tool of SREs
USENIX via YouTube Kernel Tracing With EBPF
media.ccc.de via YouTube Building Observability for 99% Developers
Docker via YouTube