YoVDO

Securing CI/CD Systems Through eBPF

Offered By: CNCF [Cloud Native Computing Foundation] via YouTube

Tags

eBPF Courses Jenkins Courses GitHub Actions Courses CircleCI Courses GitLab CI Courses Tetragon Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore how eBPF technology can be leveraged to secure CI/CD pipelines in this technical talk from KubeCon + CloudNativeCon Europe 2023. Dive into the challenges of securing build environments across bare-metal, virtual machines, and ephemeral setups. Learn about innovative approaches to inject eBPF-based implants for inspecting, identifying, and protecting against malicious activity. Discover use cases including enhanced visibility over build processes, code and artifact integrity assurance, prevention of build process tampering, and implementation of tight network policies to safeguard sensitive information. Witness demonstrations of stopping critical software supply chain attacks while supporting major CI/CD platforms like GitHub Actions, Jenkins, GitlabCI, and CircleCI. Gain insights into eBPF tooling, architecture, functionality, and practical implementation through demos and real-world examples.

Syllabus

Introduction
Agenda
Alexs background
What is eBPF
eBPF tooling
Securing CICD
Why eBPF
SolarWinds
Installation of malicious dependencies
Tetragon
Architecture
Functionality
Installation
GitHub Action
Tracing
Deep Inspection
Integrity
Code Integrity
Network Protection
Network Protection Implementation
Demos
Whats next
Open Source
Conclusion
Questions


Taught by

CNCF [Cloud Native Computing Foundation]

Related Courses

Tetragon: A Kubernetes Observability and Security Tool
Linux Foundation via YouTube
Introduction to Tetragon - CNCF Security Tool
CNCF [Cloud Native Computing Foundation] via YouTube
eBPF for Observability: The Good, the Bad, and the Ugly
CNCF [Cloud Native Computing Foundation] via YouTube
Combining Confidential Computing and Cloud Native Security
CNCF [Cloud Native Computing Foundation] via YouTube
Securing the Superpowers: Who Loaded That eBPF Program?
CNCF [Cloud Native Computing Foundation] via YouTube