What is eBPF and Why Should You Care?

Explore the revolutionary eBPF technology in this 45-minute conference talk from 44CON 2022. Dive into the fundamentals of eBPF, its origins in the Linux kernel, and its ability to run sandboxed programs safely within the operating system kernel. Learn how to get started with eBPF, overcome common challenges, and leverage tools like Sysmon For Linux and Cilium/Tetragon for enhanced system observability. Discover various use cases for eBPF, from blue team security monitoring to custom program tracing, kernel vulnerability exploitation, and performance issue detection. Gain insights from Kev Sheldrake, an experienced security software engineer, as he shares his expertise on this exciting technology that's revolutionizing kernel-level programming and system analysis.

Kev Sheldrake - What is eBPF and why should you care?