How to use eBPF telemetry for Linux security detections

Presented by

Christopher Stanley, from an aerospace company, and Ryan Mack, VP of Engineering at Uptycs

About this talk

Security monitoring for containers is tricky. Organizations need to balance the need to detect malicious behavior at the container runtime with the need for efficiency and operational reliability. Enter eBPF. This talk will cover how to use eBPF to extract kernel-level telemetry for security monitoring purposes, along with real-world applications and best practices. Check out the other sessions from Osquery@scale, an annual event hosted by Uptycs for the osquery community. This event was held in San Francisco at the Exploratorium in September, 2022. Join us at future events to learn how security leaders and practitioners from Financial Services, Telco, SaaS, Hi-Tech, and other industries use osquery to manage security risks at scale.
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (37)
Subscribers (897)
Secure cloud, containers, and endpoints with one unified solution. Find and remove critical risks in your modern attack surface—from laptops to containers—all from a single UI and data model.