Generating Security Policies with eBPF - Hands-on Walkthrough

Explore eBPF-based solutions for detecting and enforcing security events through Security Policy creation in this 33-minute conference talk from KubeCon + CloudNativeCon Europe 2023. Gain hands-on experience with existing tools and approaches for capturing various security events and generating Security Policies. Learn about the evolution from manual filtering of system calls using seccomp and seccomp-bpf to automated solutions like Inspektor Gadget and Red Hat's seccomp profiler. Discover how Tetragon extends security event capture beyond system calls to include binaries, sockets, file operations, capabilities, and namespaces. Through a live demonstration, understand how to leverage these tools, capture different security events, and automatically generate Security Policies. Leave with a comprehensive understanding of implementing optimal eBPF-based security tooling for your system.

You and Your Security Profiles; Generating Security Policies with the Help of eBPF