Top 5 Concerns Every InfoSec Team Has And How To Overcome Them With eBPF - Natalia Reka Ivanko, Isovalent

less than 1 minute read

Abstract

Security Operations teams often have their hands tied with respect to threat detection and incident investigation in cloud-native environments like Kubernetes. Traditional Security Monitoring tools are severely limited when workloads are containerized, IP addresses are frequently changing, thus no longer provide meaningful identity. However, by using open source tools leveraging the new eBPF technology, it has become possible to aggregate rich workload and Kubernetes API-aware metadata. This information is extremely powerful in SIEM systems and allows proactive monitoring and alerting when a malicious network connection is observed. This talk will give a hands-on, live walkthrough of the most common threat detection challenges that every SecOps team faces today while securing a Kubernetes environment, and offers solutions on how to overcome them by using open source eBPF-based tools.

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

Top 5 Concerns Every InfoSec Team Has And How To Overcome Them With eBPF - Natalia Reka Ivanko, Isovalent

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google