Real-Time Security: Using eBPF for Preventing Attacks
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore how eBPF can be leveraged for next-generation security enforcement tooling in this 32-minute conference talk by Liz Rice from Isovalent. Dive into demos and code to understand why NetworkPolicy enforcement with eBPF has been established for years, while preventative security for applications has taken longer to develop. Learn about Phantom attacks and their potential to compromise basic system call hooks. Discover how other eBPF attachment points, such as BPF LSM, can be utilized for preventative security. Gain insights into Tetragon and its role in security observability. While prior knowledge of eBPF is not required, a basic understanding of kernel and user space concepts will be beneficial. Be prepared to examine some C code examples throughout the presentation.
Syllabus
Introduction
Overview
Types of activity
LD Preload
K Probe
Linux Security Modules
eBPF Program
Tetragon
Tetragoniska
Context
Prevention
Demo
On the stand
Security observability
Questions
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Tetragon: A Kubernetes Observability and Security ToolLinux Foundation via YouTube Introduction to Tetragon - CNCF Security Tool
CNCF [Cloud Native Computing Foundation] via YouTube eBPF for Observability: The Good, the Bad, and the Ugly
CNCF [Cloud Native Computing Foundation] via YouTube Combining Confidential Computing and Cloud Native Security
CNCF [Cloud Native Computing Foundation] via YouTube Securing the Superpowers: Who Loaded That eBPF Program?
CNCF [Cloud Native Computing Foundation] via YouTube